OpenCores
URL https://opencores.org/ocsvn/or1k/or1k/trunk

Subversion Repositories or1k

[/] [or1k/] [trunk/] [ecos-2.0/] [packages/] [kernel/] [v2_0/] [doc/] [kernel.sgml] - Blame information for rev 1765

Details | Compare with Previous | View Log

Line No. Rev Author Line
1 1254 phoenix
2
 
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
 
35
36
 
37
38
  The eCos Kernel
39
 
40
41
 
42
  
43
 
44
    
45
    Kernel Overview
46
    
47
 
48
    
49
      Kernel
50
      Overview of the eCos Kernel
51
    
52
 
53
54
 
55
    
56
      Description
57
      
58
The kernel is one of the key packages in all of eCos. It provides the
59
core functionality needed for developing multi-threaded applications:
60
      
61
      
62
        
63
The ability to create new threads in the system, either during startup
64
or when the system is already running.
65
        
66
        
67
Control over the various threads in the system, for example
68
manipulating their priorities.
69
        
70
        
71
A choice of schedulers, determining which thread should currently be
72
running.
73
        
74
        
75
A range of synchronization primitives, allowing threads to interact
76
and share data safely.
77
        
78
        
79
Integration with the system's support for interrupts and exceptions.
80
        
81
      
82
      
83
In some other operating systems the kernel provides additional
84
functionality. For example the kernel may also provide memory
85
allocation functionality, and device drivers may be part of the kernel
86
as well. This is not the case for eCos. Memory allocation is handled
87
by a separate package. Similary each device driver will typically be a
88
separate package. Various packages are combined and configured using
89
the eCos configuration technology to meet the requirements of the
90
application.
91
      
92
      
93
The eCos kernel package is optional. It is possible to write
94
single-threaded applications which do not use any kernel
95
functionality, for example RedBoot. Typically such applications are
96
based around a central polling loop, continually checking all devices
97
and taking appropriate action when I/O occurs. A small amount of
98
calculation is possible every iteration, at the cost of an increased
99
delay between an I/O event occurring and the polling loop detecting
100
the event. When the requirements are straightforward it may well be
101
easier to develop the application using a polling loop, avoiding the
102
complexities of multiple threads and synchronization between threads.
103
As requirements get more complicated a multi-threaded solution becomes
104
more appropriate, requiring the use of the kernel. In fact some of the
105
more advanced packages in eCos, for example the TCP/IP stack, use
106
multi-threading internally. Therefore if the application uses any of
107
those packages then the kernel becomes a required package, not an
108
optional one.
109
      
110
      
111
The kernel functionality can be used in one of two ways. The kernel
112
provides its own C API, with functions like
113
cyg_thread_create and
114
cyg_mutex_lock. These can be called directly from
115
application code or from other packages. Alternatively there are a
116
number of packages which provide compatibility with existing API's,
117
for example POSIX threads or µITRON. These allow application
118
code to call standard functions such as
119
pthread_create, and those functions are
120
implemented using the basic functionality provided by the eCos kernel.
121
Using compatibility packages in an eCos application can make it much
122
easier to reuse code developed in other environments, and to share
123
code.
124
      
125
      
126
Although the different compatibility packages have similar
127
requirements on the underlying kernel, for example the ability to
128
create a new thread, there are differences in the exact semantics. For
129
example, strict µITRON compliance requires that kernel
130
timeslicing is disabled. This is achieved largely through the
131
configuration technology. The kernel provides a number of
132
configuration options that control the exact semantics that are
133
provided, and the various compatibility packages require particular
134
settings for those options. This has two important consequences.
135
First, it is not usually possible to have two different compatibility
136
packages in one eCos configuration because they will have conflicting
137
requirements on the underlying kernel. Second, the semantics of the
138
kernel's own API are only loosely defined because of the many
139
configuration options. For example cyg_mutex_lock
140
will always attempt to lock a mutex, but various configuration options
141
determine the behaviour when the mutex is already locked and there is
142
a possibility of priority inversion.
143
      
144
      
145
The optional nature of the kernel package presents some complications
146
for other code, especially device drivers. Wherever possible a device
147
driver should work whether or not the kernel is present. However there
148
are some parts of the system, especially those related to interrupt
149
handling, which should be implemented differently in multi-threaded
150
environments containing the eCos kernel and in single-threaded
151
environments without the kernel. To cope with both scenarios the
152
common HAL package provides a driver API, with functions such as
153
cyg_drv_interrupt_attach. When the kernel package
154
is present these driver API functions map directly on to the
155
equivalent kernel functions such as
156
cyg_interrupt_attach, using macros to avoid any
157
overheads. When the kernel is absent the common HAL package implements
158
the driver API directly, but this implementation is simpler than the
159
one in the kernel because it can assume a single-threaded environment.
160
      
161
    
162
 
163
164
165
 
166
    
167
      Schedulers
168
      
169
When a system involves multiple threads, a scheduler is needed to
170
determine which thread should currently be running. The eCos kernel
171
can be configured with one of two schedulers, the bitmap scheduler and
172
the multi-level queue (MLQ) scheduler. The bitmap scheduler is
173
somewhat more efficient, but has a number of limitations. Most systems
174
will instead use the MLQ scheduler. Other schedulers may be added in
175
the future, either as extensions to the kernel package or in separate
176
packages.
177
      
178
      
179
Both the bitmap and the MLQ scheduler use a simple numerical priority
180
to determine which thread should be running. The number of priority
181
levels is configurable via the option
182
CYGNUM_KERNEL_SCHED_PRIORITIES, but a typical
183
system will have up to 32 priority levels. Therefore thread priorities
184
will be in the range 0 to 31, with 0 being the highest priority and 31
185
the lowest. Usually only the system's idle thread will run at the
186
lowest priority. Thread priorities are absolute, so the kernel will
187
only run a lower-priority thread if all higher-priority threads are
188
currently blocked.
189
      
190
      
191
The bitmap scheduler only allows one thread per priority level, so if
192
the system is configured with 32 priority levels then it is limited to
193
only 32 threads — still enough for many applications. A simple
194
bitmap can be used to keep track of which threads are currently
195
runnable. Bitmaps can also be used to keep track of threads waiting on
196
a mutex or other synchronization primitive. Identifying the
197
highest-priority runnable or waiting thread involves a simple
198
operation on the bitmap, and an array index operation can then be used
199
to get hold of the thread data structure itself. This makes the
200
bitmap scheduler fast and totally deterministic.
201
      
202
      
203
The MLQ scheduler allows multiple threads to run at the same priority.
204
This means that there is no limit on the number of threads in the
205
system, other than the amount of memory available. However operations
206
such as finding the highest priority runnable thread are a little bit
207
more expensive than for the bitmap scheduler.
208
      
209
      
210
Optionally the MLQ scheduler supports timeslicing, where the scheduler
211
automatically switches from one runnable thread to another when some
212
number of clock ticks have occurred. Timeslicing only comes into play
213
when there are two runnable threads at the same priority and no higher
214
priority runnable threads. If timeslicing is disabled then a thread
215
will not be preempted by another thread of the same priority, and will
216
continue running until either it explicitly yields the processor or
217
until it blocks by, for example, waiting on a synchronization
218
primitive. The configuration options
219
CYGSEM_KERNEL_SCHED_TIMESLICE and
220
CYGNUM_KERNEL_SCHED_TIMESLICE_TICKS control
221
timeslicing. The bitmap scheduler does not provide timeslicing
222
support. It only allows one thread per priority level, so it is not
223
possible to preempt the current thread in favour of another one with
224
the same priority.
225
      
226
      
227
Another important configuration option that affects the MLQ scheduler
228
is CYGIMP_KERNEL_SCHED_SORTED_QUEUES. This
229
determines what happens when a thread blocks, for example by waiting
230
on a semaphore which has no pending events. The default behaviour of
231
the system is last-in-first-out queuing. For example if several
232
threads are waiting on a semaphore and an event is posted, the thread
233
that gets woken up is the last one that called
234
cyg_semaphore_wait. This allows for a simple and
235
fast implementation of both the queue and dequeue operations. However
236
if there are several queued threads with different priorities, it may
237
not be the highest priority one that gets woken up. In practice this
238
is rarely a problem: usually there will be at most one thread waiting
239
on a queue, or when there are several threads they will be of the same
240
priority. However if the application does require strict priority
241
queueing then the option
242
CYGIMP_KERNEL_SCHED_SORTED_QUEUES should be
243
enabled. There are disadvantages: more work is needed whenever a
244
thread is queued, and the scheduler needs to be locked for this
245
operation so the system's dispatch latency is worse. If the bitmap
246
scheduler is used then priority queueing is automatic and does not
247
involve any penalties.
248
      
249
      
250
Some kernel functionality is currently only supported with the MLQ
251
scheduler, not the bitmap scheduler. This includes support for SMP
252
systems, and protection against priority inversion using either mutex
253
priority ceilings or priority inheritance.
254
      
255
    
256
 
257
258
259
 
260
    
261
      Synchronization Primitives
262
      
263
The eCos kernel provides a number of different synchronization
264
primitives: mutexes,
265
condition variables,
266
counting semaphores,
267
mail boxes and
268
event flags.
269
      
270
      
271
Mutexes serve a very different purpose from the other primitives. A
272
mutex allows multiple threads to share a resource safely: a thread
273
locks a mutex, manipulates the shared resource, and then unlocks the
274
mutex again. The other primitives are used to communicate information
275
between threads, or alternatively from a DSR associated with an
276
interrupt handler to a thread.
277
      
278
      
279
When a thread that has locked a mutex needs to wait for some condition
280
to become true, it should use a condition variable. A condition
281
variable is essentially just a place for a thread to wait, and which
282
another thread, or DSR, can use to wake it up. When a thread waits on
283
a condition variable it releases the mutex before waiting, and when it
284
wakes up it reacquires it before proceeding. These operations are
285
atomic so that synchronization race conditions cannot be introduced.
286
      
287
      
288
A counting semaphore is used to indicate that a particular event has
289
occurred. A consumer thread can wait for this event to occur, and a
290
producer thread or a DSR can post the event. There is a count
291
associated with the semaphore so if the event occurs multiple times in
292
quick succession this information is not lost, and the appropriate
293
number of semaphore wait operations will succeed.
294
      
295
      
296
Mail boxes are also used to indicate that a particular event has
297
occurred, and allows for one item of data to be exchanged per event.
298
Typically this item of data would be a pointer to some data structure.
299
Because of the need to store this extra data, mail boxes have a
300
finite capacity. If a producer thread generates mail box events
301
faster than they can be consumed then, to avoid overflow, it will be
302
blocked until space is again available in the mail box. This means
303
that mail boxes usually cannot be used by a DSR to wake up a
304
thread. Instead mail boxes are typically only used between threads.
305
      
306
      
307
Event flags can be used to wait on some number of different events,
308
and to signal that one or several of these events have occurred. This
309
is achieved by associating bits in a bit mask with the different
310
events. Unlike a counting semaphore no attempt is made to keep track
311
of the number of events that have occurred, only the fact that an
312
event has occurred at least once. Unlike a mail box it is not
313
possible to send additional data with the event, but this does mean
314
that there is no possibility of an overflow and hence event flags can
315
be used between a DSR and a thread as well as between threads.
316
      
317
      
318
The eCos common HAL package provides its own device driver API which
319
contains some of the above synchronization primitives. These allow
320
the DSR for an interrupt handler to signal events to higher-level
321
code. If the configuration includes the eCos kernel package then
322
the driver API routines map directly on to the equivalent kernel
323
routines, allowing interrupt handlers to interact with threads. If the
324
kernel package is not included and the application consists of just a
325
single thread running in polled mode then the driver API is
326
implemented entirely within the common HAL, and with no need to worry
327
about multiple threads the implementation can obviously be rather
328
simpler.
329
      
330
    
331
 
332
333
334
 
335
    
336
      Threads and Interrupt Handling
337
      
338
During normal operation the processor will be running one of the
339
threads in the system. This may be an application thread, a system
340
thread running inside say the TCP/IP stack, or the idle thread. From
341
time to time a hardware interrupt will occur, causing control to be
342
transferred briefly to an interrupt handler. When the interrupt has
343
been completed the system's scheduler will decide whether to return
344
control to the interrupted thread or to some other runnable thread.
345
      
346
      
347
Threads and interrupt handlers must be able to interact. If a thread
348
is waiting for some I/O operation to complete, the interrupt handler
349
associated with that I/O must be able to inform the thread that the
350
operation has completed. This can be achieved in a number of ways. One
351
very simple approach is for the interrupt handler to set a volatile
352
variable. A thread can then poll continuously until this flag is set,
353
possibly sleeping for a clock tick in between. Polling continuously
354
means that the cpu time is not available for other activities, which
355
may be acceptable for some but not all applications. Polling once
356
every clock tick imposes much less overhead, but means that the thread
357
may not detect that the I/O event has occurred until an entire clock
358
tick has elapsed. In typical systems this could be as long as 10
359
milliseconds. Such a delay might be acceptable for some applications,
360
but not all.
361
      
362
      
363
A better solution would be to use one of the synchronization
364
primitives. The interrupt handler could signal a condition variable,
365
post to a semaphore, or use one of the other primitives. The thread
366
would perform a wait operation on the same primitive. It would not
367
consume any cpu cycles until the I/O event had occurred, and when the
368
event does occur the thread can start running again immediately
369
(subject to any higher priority threads that might also be runnable).
370
      
371
      
372
Synchronization primitives constitute shared data, so care must be
373
taken to avoid problems with concurrent access. If the thread that was
374
interrupted was just performing some calculations then the interrupt
375
handler could manipulate the synchronization primitive quite safely.
376
However if the interrupted thread happened to be inside some kernel
377
call then there is a real possibility that some kernel data structure
378
will be corrupted.
379
      
380
      
381
One way of avoiding such problems would be for the kernel functions to
382
disable interrupts when executing any critical region. On most
383
architectures this would be simple to implement and very fast, but it
384
would mean that interrupts would be disabled often and for quite a
385
long time. For some applications that might not matter, but many
386
embedded applications require that the interrupt handler run as soon
387
as possible after the hardware interrupt has occurred. If the kernel
388
relied on disabling interrupts then it would not be able to support
389
such applications.
390
      
391
      
392
Instead the kernel uses a two-level approach to interrupt handling.
393
Associated with every interrupt vector is an Interrupt Service Routine
394
or ISR, which will run as quickly as possible so that it can service
395
the hardware. However an ISR can make only a small number of kernel
396
calls, mostly related to the interrupt subsystem, and it cannot make
397
any call that would cause a thread to wake up. If an ISR detects that
398
an I/O operation has completed and hence that a thread should be woken
399
up, it can cause the associated Deferred Service Routine or DSR to
400
run. A DSR is allowed to make more kernel calls, for example it can
401
signal a condition variable or post to a semaphore.
402
      
403
      
404
Disabling interrupts prevents ISRs from running, but very few parts of
405
the system disable interrupts and then only for short periods of time.
406
The main reason for a thread to disable interrupts is to manipulate
407
some state that is shared with an ISR. For example if a thread needs
408
to add another buffer to a linked list of free buffers and the ISR may
409
remove a buffer from this list at any time, the thread would need to
410
disable interrupts for the few instructions needed to manipulate the
411
list. If the hardware raises an interrupt at this time, it remains
412
pending until interrupts are reenabled.
413
      
414
      
415
Analogous to interrupts being disabled or enabled, the kernel has a
416
scheduler lock. The various kernel functions such as
417
cyg_mutex_lock and
418
cyg_semaphore_post will claim the scheduler lock,
419
manipulate the kernel data structures, and then release the scheduler
420
lock. If an interrupt results in a DSR being requested and the
421
scheduler is currently locked, the DSR remains pending. When the
422
scheduler lock is released any pending DSRs will run. These may post
423
events to synchronization primitives, causing other higher priority
424
threads to be woken up.
425
      
426
      
427
For an example, consider the following scenario. The system has a high
428
priority thread A, responsible for processing some data coming from an
429
external device. This device will raise an interrupt when data is
430
available. There are two other threads B and C which spend their time
431
performing calculations and occasionally writing results to a display
432
of some sort. This display is a shared resource so a mutex is used to
433
control access.
434
      
435
      
436
At a particular moment in time thread A is likely to be blocked,
437
waiting on a semaphore or another synchronization primitive until data
438
is available. Thread B might be running performing some calculations,
439
and thread C is runnable waiting for its next timeslice. Interrupts
440
are enabled, and the scheduler is unlocked because none of the threads
441
are in the middle of a kernel operation. At this point the device
442
raises an interrupt. The hardware transfers control to a low-level
443
interrupt handler provided by eCos which works out exactly which
444
interrupt occurs, and then the corresponding ISR is run. This ISR
445
manipulates the hardware as appropriate, determines that there is now
446
data available, and wants to wake up thread A by posting to the
447
semaphore. However ISR's are not allowed to call
448
cyg_semaphore_post directly, so instead the ISR
449
requests that its associated DSR be run and returns. There are no more
450
interrupts to be processed, so the kernel next checks for DSR's. One
451
DSR is pending and the scheduler is currently unlocked, so the DSR can
452
run immediately and post the semaphore. This will have the effect of
453
making thread A runnable again, so the scheduler's data structures are
454
adjusted accordingly. When the DSR returns thread B is no longer the
455
highest priority runnable thread so it will be suspended, and instead
456
thread A gains control over the cpu.
457
      
458
      
459
In the above example no kernel data structures were being manipulated
460
at the exact moment that the interrupt happened. However that cannot
461
be assumed. Suppose that thread B had finished its current set of
462
calculations and wanted to write the results to the display. It would
463
claim the appropriate mutex and manipulate the display. Now suppose
464
that thread B was timesliced in favour of thread C, and that thread C
465
also finished its calculations and wanted to write the results to the
466
display. It would call cyg_mutex_lock. This
467
kernel call locks the scheduler, examines the current state of the
468
mutex, discovers that the mutex is already owned by another thread,
469
suspends the current thread, and switches control to another runnable
470
thread. Another interrupt happens in the middle of this
471
cyg_mutex_lock call, causing the ISR to run
472
immediately. The ISR decides that thread A should be woken up so it
473
requests that its DSR be run and returns back to the kernel. At this
474
point there is a pending DSR, but the scheduler is still locked by the
475
call to cyg_mutex_lock so the DSR cannot run
476
immediately. Instead the call to cyg_mutex_lock
477
is allowed to continue, which at some point involves unlocking the
478
scheduler. The pending DSR can now run, safely post the semaphore, and
479
thus wake up thread A.
480
      
481
      
482
If the ISR had called cyg_semaphore_post directly
483
rather than leaving it to a DSR, it is likely that there would have
484
been some sort of corruption of a kernel data structure. For example
485
the kernel might have completely lost track of one of the threads, and
486
that thread would never have run again. The two-level approach to
487
interrupt handling, ISR's and DSR's, prevents such problems with no
488
need to disable interrupts.
489
      
490
    
491
 
492
493
494
 
495
    
496
      Calling Contexts
497
      
498
eCos defines a number of contexts. Only certain calls are allowed from
499
inside each context, for example most operations on threads or
500
synchronization primitives are not allowed from ISR context. The
501
different contexts are initialization, thread, ISR and DSR.
502
      
503
      
504
When eCos starts up it goes through a number of phases, including
505
setting up the hardware and invoking C++ static constructors. During
506
this time interrupts are disabled and the scheduler is locked. When a
507
configuration includes the kernel package the final operation is a
508
call to 
509
linkend="kernel-schedcontrol">cyg_scheduler_start.
510
At this point interrupts are enabled, the scheduler is unlocked, and
511
control is transferred to the highest priority runnable thread. If the
512
configuration also includes the C library package then usually the C
513
library startup package will have created a thread which will call the
514
application's main entry point.
515
      
516
      
517
Some application code can also run before the scheduler is started,
518
and this code runs in initialization context. If the application is
519
written partly or completely in C++ then the constructors for any
520
static objects will be run. Alternatively application code can define
521
a function cyg_user_start which gets called after
522
any C++ static constructors. This allows applications to be written
523
entirely in C.
524
      
525
      
526
void
527
cyg_user_start(void)
528
{
529
    /* Perform application-specific initialization here */
530
}
531
      
532
      
533
It is not necessary for applications to provide a
534
cyg_user_start function since the system will
535
provide a default implementation which does nothing.
536
      
537
      
538
Typical operations that are performed from inside static constructors
539
or cyg_user_start include creating threads,
540
synchronization primitives, setting up alarms, and registering
541
application-specific interrupt handlers. In fact for many applications
542
all such creation operations happen at this time, using statically
543
allocated data, avoiding any need for dynamic memory allocation or
544
other overheads.
545
      
546
      
547
Code running in initialization context runs with interrupts disabled
548
and the scheduler locked. It is not permitted to reenable interrupts
549
or unlock the scheduler because the system is not guaranteed to be in
550
a totally consistent state at this point. A consequence is that
551
initialization code cannot use synchronization primitives such as
552
cyg_semaphore_wait to wait for an external event.
553
It is permitted to lock and unlock a mutex: there are no other threads
554
running so it is guaranteed that the mutex is not yet locked, and
555
therefore the lock operation will never block; this is useful when
556
making library calls that may use a mutex internally.
557
      
558
      
559
At the end of the startup sequence the system will call
560
cyg_scheduler_start and the various threads will
561
start running. In thread context nearly all of the kernel functions
562
are available. There may be some restrictions on interrupt-related
563
operations, depending on the target hardware. For example the hardware
564
may require that interrupts be acknowledged in the ISR or DSR before
565
control returns to thread context, in which case
566
cyg_interrupt_acknowledge should not be called
567
by a thread.
568
      
569
      
570
At any time the processor may receive an external interrupt, causing
571
control to be transferred from the current thread. Typically a VSR
572
provided by eCos will run and determine exactly which interrupt
573
occurred. Then the VSR will switch to the appropriate ISR, which can
574
be provided by a HAL package, a device driver, or by the application.
575
During this time the system is running at ISR context, and most of the
576
kernel function calls are disallowed. This includes the various
577
synchronization primitives, so for example an ISR is not allowed to
578
post to a semaphore to indicate that an event has happened. Usually
579
the only operations that should be performed from inside an ISR are
580
ones related to the interrupt subsystem itself, for example masking an
581
interrupt or acknowledging that an interrupt has been processed. On
582
SMP systems it is also possible to use spinlocks from ISR context.
583
      
584
      
585
When an ISR returns it can request that the corresponding DSR be run
586
as soon as it is safe to do so, and that will run in DSR context. This
587
context is also used for running alarm functions, and threads can
588
switch temporarily to DSR context by locking the scheduler. Only
589
certain kernel functions can be called from DSR context, although more
590
than in ISR context. In particular it is possible to use any
591
synchronization primitives which cannot block.  These include
592
cyg_semaphore_post,
593
cyg_cond_signal,
594
cyg_cond_broadcast,
595
cyg_flag_setbits, and
596
cyg_mbox_tryput. It is not possible to use any
597
primitives that may block such as
598
cyg_semaphore_wait,
599
cyg_mutex_lock, or
600
cyg_mbox_put. Calling such functions from inside
601
a DSR may cause the system to hang.
602
      
603
      
604
The specific documentation for the various kernel functions gives more
605
details about valid contexts.
606
      
607
    
608
 
609
610
611
 
612
    
613
      Error Handling and Assertions
614
      
615
In many APIs each function is expected to perform some validation of
616
its parameters and possibly of the current state of the system. This
617
is supposed to ensure that each function is used correctly, and that
618
application code is not attempting to perform a semaphore operation on
619
a mutex or anything like that. If an error is detected then a suitable
620
error code is returned, for example the POSIX function
621
pthread_mutex_lock can return various error codes
622
including EINVAL and EDEADLK.
623
There are a number of problems with this approach, especially in the
624
context of deeply embedded systems:
625
      
626
      
627
        
628
Performing these checks inside the mutex lock and all the other
629
functions requires extra cpu cycles and adds significantly to the code
630
size. Even if the application is written correctly and only makes
631
system function calls with sensible arguments and under the right
632
conditions, these overheads still exist.
633
        
634
        
635
Returning an error code is only useful if the calling code detects
636
these error codes and takes appropriate action. In practice the
637
calling code will often ignore any errors because the programmer
638
“knows” that the function is being
639
used correctly. If the programmer is mistaken then an error condition
640
may be detected and reported, but the application continues running
641
anyway and is likely to fail some time later in mysterious ways.
642
        
643
        
644
If the calling code does always check for error codes, that adds yet
645
more cpu cycles and code size overhead.
646
        
647
        
648
Usually there will be no way to recover from certain errors, so if the
649
application code detected an error such as EINVAL
650
then all it could do is abort the application somehow.
651
        
652
      
653
      
654
The approach taken within the eCos kernel is different. Functions such
655
as cyg_mutex_lock will not return an error code.
656
Instead they contain various assertions, which can be enabled or
657
disabled. During the development process assertions are normally left
658
enabled, and the various kernel functions will perform parameter
659
checks and other system consistency checks. If a problem is detected
660
then an assertion failure will be reported and the application will be
661
terminated. In a typical debug session a suitable breakpoint will have
662
been installed and the developer can now examine the state of the
663
system and work out exactly what is going on. Towards the end of the
664
development cycle assertions will be disabled by manipulating
665
configuration options within the eCos infrastructure package, and all
666
assertions will be eliminated at compile-time. The assumption is that
667
by this time the application code has been mostly debugged: the
668
initial version of the code might have tried to perform a semaphore
669
operation on a mutex, but any problems like that will have been fixed
670
some time ago. This approach has a number of advantages:
671
      
672
      
673
        
674
In the final application there will be no overheads for checking
675
parameters and other conditions. All that code will have been
676
eliminated at compile-time.
677
        
678
        
679
Because the final application will not suffer any overheads, it is
680
reasonable for the system to do more work during the development
681
process. In particular the various assertions can test for more error
682
conditions and more complicated errors. When an error is detected
683
it is possible to give a text message describing the error rather than
684
just return an error code.
685
        
686
        
687
There is no need for application programmers to handle error codes
688
returned by various kernel function calls. This simplifies the
689
application code.
690
        
691
        
692
If an error is detected then an assertion failure will be reported
693
immediately and the application will be halted. There is no
694
possibility of an error condition being ignored because application
695
code did not check for an error code.
696
        
697
      
698
      
699
Although none of the kernel functions return an error code, many of
700
them do return a status condition. For example the function
701
cyg_semaphore_timed_wait waits until either an
702
event has been posted to a semaphore, or until a certain number of
703
clock ticks have occurred. Usually the calling code will need to know
704
whether the wait operation succeeded or whether a timeout occurred.
705
cyg_semaphore_timed_wait returns a boolean: a
706
return value of zero or false indicates a timeout, a non-zero return
707
value indicates that the wait succeeded.
708
      
709
      
710
In conventional APIs one common error conditions is lack of memory.
711
For example the POSIX function pthread_create
712
usually has to allocate some memory dynamically for the thread stack
713
and other per-thread data. If the target hardware does not have enough
714
memory to meet all demands, or more commonly if the application
715
contains a memory leak, then there may not be enough memory available
716
and the function call would fail. The eCos kernel avoids such problems
717
by never performing any dynamic memory allocation. Instead it is the
718
responsibility of the application code to provide all the memory
719
required for kernel data structures and other needs. In the case of
720
cyg_thread_create this means a
721
cyg_thread data structure to hold the thread
722
details, and a char array for the thread stack.
723
      
724
      
725
In many applications this approach results in all data structures
726
being allocated statically rather than dynamically. This has several
727
advantages. If the application is in fact too large for the target
728
hardware's memory then there will be an error at link-time rather than
729
at run-time, making the problem much easier to diagnose. Static
730
allocation does not involve any of the usual overheads associated with
731
dynamic allocation, for example there is no need to keep track of the
732
various free blocks in the system, and it may be possible to eliminate
733
malloc from the system completely. Problems such
734
as fragmentation and memory leaks cannot occur if all data is
735
allocated statically. However, some applications are sufficiently
736
complicated that dynamic memory allocation is required, and the
737
various kernel functions do not distinguish between statically and
738
dynamically allocated memory. It still remains the responsibility of
739
the calling code to ensure that sufficient memory is available, and
740
passing null pointers to the kernel will result in assertions or
741
system failure.
742
      
743
    
744
 
745
746
 
747
  
748
 
749
750
751
 
752
  
753
 
754
    
755
    SMP Support
756
    
757
 
758
    
759
      SMP
760
      Support Symmetric Multiprocessing Systems
761
    
762
 
763
    
764
      Description
765
      
766
eCos contains support for limited Symmetric Multi-Processing (SMP).
767
This is only available on selected architectures and platforms.
768
The implementation has a number of restrictions on the kind of
769
hardware supported. These are described in .
770
    
771
 
772
    
773
The following sections describe the changes that have been made to the
774
eCos kernel to support SMP operation.
775
    
776
    
777
 
778
    
779
      System Startup
780
      
781
The system startup sequence needs to be somewhat different on an SMP
782
system, although this is largely transparent to application code. The
783
main startup takes place on only one CPU, called the primary CPU. All
784
other CPUs, the secondary CPUs, are either placed in suspended state
785
at reset, or are captured by the HAL and put into a spin as they start
786
up. The primary CPU is responsible for copying the DATA segment and
787
zeroing the BSS (if required), calling HAL variant and platform
788
initialization routines and invoking constructors. It then calls
789
cyg_start to enter the application. The
790
application may then create extra threads and other objects.
791
      
792
      
793
It is only when the application calls
794
cyg_scheduler_start that the secondary CPUs are
795
initialized. This routine scans the list of available secondary CPUs
796
and invokes HAL_SMP_CPU_START to start each
797
CPU. Finally it calls an internal function
798
Cyg_Scheduler::start_cpu to enter the scheduler
799
for the primary CPU.
800
      
801
      
802
Each secondary CPU starts in the HAL, where it completes any per-CPU
803
initialization before calling into the kernel at
804
cyg_kernel_cpu_startup. Here it claims the
805
scheduler lock and calls
806
Cyg_Scheduler::start_cpu.
807
      
808
      
809
Cyg_Scheduler::start_cpu is common to both the
810
primary and secondary CPUs. The first thing this code does is to
811
install an interrupt object for this CPU's inter-CPU interrupt. From
812
this point on the code is the same as for the single CPU case: an
813
initial thread is chosen and entered.
814
      
815
      
816
From this point on the CPUs are all equal, eCos makes no further
817
distinction between the primary and secondary CPUs. However, the
818
hardware may still distinguish between them as far as interrupt
819
delivery is concerned.
820
      
821
    
822
 
823
    
824
      Scheduling
825
      
826
To function correctly an operating system kernel must protect its
827
vital data structures, such as the run queues, from concurrent
828
access. In a single CPU system the only concurrent activities to worry
829
about are asynchronous interrupts. The kernel can easily guard its
830
data structures against these by disabling interrupts. However, in a
831
multi-CPU system, this is inadequate since it does not block access by
832
other CPUs.
833
      
834
      
835
The eCos kernel protects its vital data structures using the scheduler
836
lock. In single CPU systems this is a simple counter that is
837
atomically incremented to acquire the lock and decremented to release
838
it. If the lock is decremented to zero then the scheduler may be
839
invoked to choose a different thread to run. Because interrupts may
840
continue to be serviced while the scheduler lock is claimed, ISRs are
841
not allowed to access kernel data structures, or call kernel routines
842
that can. Instead all such operations are deferred to an associated
843
DSR routine that is run during the lock release operation, when the
844
data structures are in a consistent state.
845
      
846
      
847
By choosing a kernel locking mechanism that does not rely on interrupt
848
manipulation to protect data structures, it is easier to convert eCos
849
to SMP than would otherwise be the case. The principal change needed to
850
make eCos SMP-safe is to convert the scheduler lock into a nestable
851
spin lock. This is done by adding a spinlock and a CPU id to the
852
original counter.
853
      
854
      
855
The algorithm for acquiring the scheduler lock is very simple. If the
856
scheduler lock's CPU id matches the current CPU then it can just increment
857
the counter and continue. If it does not match, the CPU must spin on
858
the spinlock, after which it may increment the counter and store its
859
own identity in the CPU id.
860
      
861
      
862
To release the lock, the counter is decremented. If it goes to zero
863
the CPU id value must be set to NONE and the spinlock cleared.
864
      
865
      
866
To protect these sequences against interrupts, they must be performed
867
with interrupts disabled. However, since these are very short code
868
sequences, they will not have an adverse effect on the interrupt
869
latency.
870
      
871
      
872
Beyond converting the scheduler lock, further preparing the kernel for
873
SMP is a relatively minor matter. The main changes are to convert
874
various scalar housekeeping variables into arrays indexed by CPU
875
id. These include the current thread pointer, the need_reschedule
876
flag and the timeslice counter.
877
      
878
      
879
At present only the Multi-Level Queue (MLQ) scheduler is capable of
880
supporting SMP configurations. The main change made to this scheduler
881
is to cope with having several threads in execution at the same
882
time. Running threads are marked with the CPU that they are executing on.
883
When scheduling a thread, the scheduler skips past any running threads
884
until it finds a thread that is pending. While not a constant-time
885
algorithm, as in the single CPU case, this is still deterministic,
886
since the worst case time is bounded by the number of CPUs in the
887
system.
888
      
889
      
890
A second change to the scheduler is in the code used to decide when
891
the scheduler should be called to choose a new thread. The scheduler
892
attempts to keep the n CPUs running the
893
n highest priority threads. Since an event or
894
interrupt on one CPU may require a reschedule on another CPU, there
895
must be a mechanism for deciding this. The algorithm currently
896
implemented is very simple. Given a thread that has just been awakened
897
(or had its priority changed), the scheduler scans the CPUs, starting
898
with the one it is currently running on, for a current thread that is
899
of lower priority than the new one. If one is found then a reschedule
900
interrupt is sent to that CPU and the scan continues, but now using
901
the current thread of the rescheduled CPU as the candidate thread. In
902
this way the new thread gets to run as quickly as possible, hopefully
903
on the current CPU, and the remaining CPUs will pick up the remaining
904
highest priority threads as a consequence of processing the reschedule
905
interrupt.
906
      
907
      
908
The final change to the scheduler is in the handling of
909
timeslicing. Only one CPU receives timer interrupts, although all CPUs
910
must handle timeslicing. To make this work, the CPU that receives the
911
timer interrupt decrements the timeslice counter for all CPUs, not
912
just its own. If the counter for a CPU reaches zero, then it sends a
913
timeslice interrupt to that CPU. On receiving the interrupt the
914
destination CPU enters the scheduler and looks for another thread at
915
the same priority to run. This is somewhat more efficient than
916
distributing clock ticks to all CPUs, since the interrupt is only
917
needed when a timeslice occurs.
918
      
919
      
920
All existing synchronization mechanisms work as before in an SMP
921
system. Additional synchronization mechanisms have been added to
922
provide explicit synchronization for SMP, in the form of
923
spinlocks.
924
      
925
    
926
 
927
    
928
      SMP Interrupt Handling
929
      
930
The main area where the SMP nature of a system requires special
931
attention is in device drivers and especially interrupt handling. It
932
is quite possible for the ISR, DSR and thread components of a device
933
driver to execute on different CPUs. For this reason it is much more
934
important that SMP-capable device drivers use the interrupt-related
935
functions correctly. Typically a device driver would use the driver
936
API rather than call the kernel directly, but it is unlikely that
937
anybody would attempt to use a multiprocessor system without the
938
kernel package.
939
      
940
      
941
Two new functions have been added to the Kernel API
942
to do interrupt
943
routing: cyg_interrupt_set_cpu and
944
cyg_interrupt_get_cpu. Although not currently
945
supported, special values for the cpu argument may be used in future
946
to indicate that the interrupt is being routed dynamically or is
947
CPU-local. Once a vector has been routed to a new CPU, all other
948
interrupt masking and configuration operations are relative to that
949
CPU, where relevant.
950
      
951
 
952
      
953
There are more details of how interrupts should be handled in SMP
954
systems in .
955
      
956
    
957
 
958
  
959
 
960
961
 
962
963
 
964
  
965
 
966
    
967
    Thread creation
968
    
969
 
970
    
971
      cyg_thread_create
972
      Create a new thread
973
    
974
 
975
    
976
      
977
        
978
#include <cyg/kernel/kapi.h>
979
        
980
        
981
          void cyg_thread_create
982
          cyg_addrword_t sched_info
983
          cyg_thread_entry_t* entry
984
          cyg_addrword_t entry_data
985
          char* name
986
          void* stack_base
987
          cyg_ucount32 stack_size
988
          cyg_handle_t* handle
989
          cyg_thread* thread
990
        
991
      
992
    
993
 
994
    Description
995
      
996
The cyg_thread_create function allows application
997
code and eCos packages to create new threads. In many applications
998
this only happens during system initialization and all required data
999
is allocated statically.  However additional threads can be created at
1000
any time, if necessary. A newly created thread is always in suspended
1001
state and will not start running until it has been resumed via a call
1002
to cyg_thread_resume. Also, if threads are
1003
created during system initialization then they will not start running
1004
until the eCos scheduler has been started.
1005
      
1006
      
1007
The name argument is used
1008
primarily for debugging purposes, making it easier to keep track of
1009
which cyg_thread structure is associated with
1010
which application-level thread. The kernel configuration option
1011
CYGVAR_KERNEL_THREADS_NAME controls whether or not
1012
this name is actually used.
1013
      
1014
      
1015
On creation each thread is assigned a unique handle, and this will be
1016
stored in the location pointed at by the 
1017
class="function">handle argument. Subsequent operations on
1018
this thread including the required
1019
cyg_thread_resume should use this handle to
1020
identify the thread.
1021
      
1022
      
1023
The kernel requires a small amount of space for each thread, in the
1024
form of a cyg_thread data structure, to hold
1025
information such as the current state of that thread. To avoid any
1026
need for dynamic memory allocation within the kernel this space has to
1027
be provided by higher-level code, typically in the form of a static
1028
variable. The thread argument
1029
provides this space.
1030
      
1031
    
1032
 
1033
    Thread Entry Point
1034
      
1035
The entry point for a thread takes the form:
1036
      
1037
      
1038
void
1039
thread_entry_function(cyg_addrword_t data)
1040
{
1041
1042
}
1043
      
1044
      
1045
The second argument to cyg_thread_create is a
1046
pointer to such a function. The third argument 
1047
class="function">entry_data is used to pass additional
1048
data to the function. Typically this takes the form of a pointer to
1049
some static data, or a small integer, or 0 if the
1050
thread does not require any additional data.
1051
      
1052
      
1053
If the thread entry function ever returns then this is equivalent to
1054
the thread calling cyg_thread_exit. Even though
1055
the thread will no longer run again, it remains registered with the
1056
scheduler. If the application needs to re-use the
1057
cyg_thread data structure then a call to
1058
cyg_thread_delete is required first.
1059
      
1060
    
1061
 
1062
    Thread Priorities
1063
      
1064
The sched_info argument
1065
provides additional information to the scheduler. The exact details
1066
depend on the scheduler being used. For the bitmap and mlqueue
1067
schedulers it is a small integer, typically in the range 0 to 31, with
1068
 
1069
only by the system's idle thread. The exact number of priorities is
1070
controlled by the kernel configuration option
1071
CYGNUM_KERNEL_SCHED_PRIORITIES.
1072
      
1073
      
1074
It is the responsibility of the application developer to be aware of
1075
the various threads in the system, including those created by eCos
1076
packages, and to ensure that all threads run at suitable priorities.
1077
For threads created by other packages the documentation provided by
1078
those packages should indicate any requirements.
1079
      
1080
      
1081
The functions cyg_thread_set_priority,
1082
cyg_thread_get_priority, and
1083
cyg_thread_get_current_priority can be used to
1084
manipulate a thread's priority.
1085
      
1086
    
1087
 
1088
    Stacks and Stack Sizes
1089
      
1090
Each thread needs its own stack for local variables and to keep track
1091
of function calls and returns. Again it is expected that this stack is
1092
provided by the calling code, usually in the form of static data, so
1093
that the kernel does not need any dynamic memory allocation
1094
facilities. cyg_thread_create takes two arguments
1095
related to the stack, a pointer to the base of the stack and the total
1096
size of this stack. On many processors stacks actually descend from the
1097
top down, so the kernel will add the stack size to the base address to
1098
determine the starting location.
1099
      
1100
      
1101
The exact stack size requirements for any given thread depend on a
1102
number of factors. The most important is of course the code that will
1103
be executed in the context of this code: if this involves significant
1104
nesting of function calls, recursion, or large local arrays, then the
1105
stack size needs to be set to a suitably high value. There are some
1106
architectural issues, for example the number of cpu registers and the
1107
calling conventions will have some effect on stack usage. Also,
1108
depending on the configuration, it is possible that some other code
1109
such as interrupt handlers will occasionally run on the current
1110
thread's stack. This depends in part on configuration options such as
1111
CYGIMP_HAL_COMMON_INTERRUPTS_USE_INTERRUPT_STACK
1112
and CYGSEM_HAL_COMMON_INTERRUPTS_ALLOW_NESTING.
1113
      
1114
      
1115
Determining an application's actual stack size requirements is the
1116
responsibility of the application developer, since the kernel cannot
1117
know in advance what code a given thread will run. However, the system
1118
does provide some hints about reasonable stack sizes in the form of
1119
two constants: CYGNUM_HAL_STACK_SIZE_MINIMUM and
1120
CYGNUM_HAL_STACK_SIZE_TYPICAL. These are defined by
1121
the appropriate HAL package. The MINIMUM value is
1122
appropriate for a thread that just runs a single function and makes
1123
very simple system calls. Trying to create a thread with a smaller
1124
stack than this is illegal. The TYPICAL value is
1125
appropriate for applications where application calls are nested no
1126
more than half a dozen or so levels, and there are no large arrays on
1127
the stack.
1128
      
1129
      
1130
If the stack sizes are not estimated correctly and a stack overflow
1131
occurs, the probably result is some form of memory corruption. This
1132
can be very hard to track down. The kernel does contain some code to
1133
help detect stack overflows, controlled by the configuration option
1134
CYGFUN_KERNEL_THREADS_STACK_CHECKING: a small
1135
amount of space is reserved at the stack limit and filled with a
1136
special signature: every time a thread context switch occurs this
1137
signature is checked, and if invalid that is a good indication (but
1138
not absolute proof) that a stack overflow has occurred. This form of
1139
stack checking is enabled by default when the system is built with
1140
debugging enabled. A related configuration option is
1141
CYGFUN_KERNEL_THREADS_STACK_MEASUREMENT: enabling
1142
this option means that a thread can call the function
1143
cyg_thread_measure_stack_usage to find out the
1144
maximum stack usage to date. Note that this is not necessarily the
1145
true maximum because, for example, it is possible that in the current
1146
run no interrupt occurred at the worst possible moment.
1147
      
1148
    
1149
 
1150
    Valid contexts
1151
      
1152
cyg_thread_create may be called during
1153
initialization and from within thread context. It may not be called
1154
from inside a DSR.
1155
      
1156
    
1157
 
1158
    Example
1159
      
1160
A simple example of thread creation is shown below. This involves
1161
creating five threads, one producer and four consumers or workers. The
1162
threads are created in the system's
1163
cyg_user_start: depending on the configuration it
1164
might be more appropriate to do this elsewhere, for example inside
1165
main.
1166
      
1167
      
1168
#include <cyg/hal/hal_arch.h>
1169
#include <cyg/kernel/kapi.h>
1170
 
1171
// These numbers depend entirely on your application
1172
#define NUMBER_OF_WORKERS    4
1173
#define PRODUCER_PRIORITY   10
1174
#define WORKER_PRIORITY     11
1175
#define PRODUCER_STACKSIZE  CYGNUM_HAL_STACK_SIZE_TYPICAL
1176
#define WORKER_STACKSIZE    (CYGNUM_HAL_STACK_SIZE_MINIMUM + 1024)
1177
 
1178
static unsigned char producer_stack[PRODUCER_STACKSIZE];
1179
static unsigned char worker_stacks[NUMBER_OF_WORKERS][WORKER_STACKSIZE];
1180
static cyg_handle_t producer_handle, worker_handles[NUMBER_OF_WORKERS];
1181
static cyg_thread_t producer_thread, worker_threads[NUMBER_OF_WORKERS];
1182
 
1183
static void
1184
producer(cyg_addrword_t data)
1185
{
1186
1187
}
1188
 
1189
static void
1190
worker(cyg_addrword_t data)
1191
{
1192
1193
}
1194
 
1195
void
1196
cyg_user_start(void)
1197
{
1198
    int i;
1199
 
1200
    cyg_thread_create(PRODUCER_PRIORITY, &producer, 0, "producer",
1201
                      producer_stack, PRODUCER_STACKSIZE,
1202
                      &producer_handle, &producer_thread);
1203
    cyg_thread_resume(producer_handle);
1204
    for (i = 0; i < NUMBER_OF_WORKERS; i++) {
1205
        cyg_thread_create(WORKER_PRIORITY, &worker, i, "worker",
1206
                          worker_stacks[i], WORKER_STACKSIZE,
1207
                          &(worker_handles[i]), &(worker_threads[i]));
1208
        cyg_thread_resume(worker_handles[i]);
1209
    }
1210
}
1211
      
1212
    
1213
 
1214
 
1215
    Thread Entry Points and C++
1216
      
1217
For code written in C++ the thread entry function must be either a
1218
static member function of a class or an ordinary function outside any
1219
class. It cannot be a normal member function of a class because such
1220
member functions take an implicit additional argument
1221
this, and the kernel has no way of knowing what
1222
value to use for this argument. One way around this problem is to make
1223
use of a special static member function, for example:
1224
      
1225
      
1226
class fred {
1227
  public:
1228
    void thread_function();
1229
    static void static_thread_aux(cyg_addrword_t);
1230
};
1231
 
1232
void
1233
fred::static_thread_aux(cyg_addrword_t objptr)
1234
{
1235
    fred* object = static_cast<fred*>(objptr);
1236
    object->thread_function();
1237
}
1238
 
1239
static fred instance;
1240
 
1241
extern "C" void
1242
cyg_start( void )
1243
{
1244
1245
    cyg_thread_create( …,
1246
                      &fred::static_thread_aux,
1247
                      static_cast<cyg_addrword_t>(&instance),
1248
                      …);
1249
1250
}
1251
      
1252
      
1253
Effectively this uses the 
1254
class="function">entry_data argument to
1255
cyg_thread_create to hold the
1256
this pointer. Unfortunately this approach does
1257
require the use of some C++ casts, so some of the type safety that can
1258
be achieved when programming in C++ is lost.
1259
      
1260
    
1261
 
1262
  
1263
 
1264
1265
1266
 
1267
  
1268
 
1269
    
1270
    Thread information
1271
    
1272
 
1273
    
1274
      cyg_thread_self
1275
      cyg_thread_idle_thread
1276
      cyg_thread_get_stack_base
1277
      cyg_thread_get_stack_size
1278
      cyg_thread_measure_stack_usage
1279
      cyg_thread_get_next
1280
      cyg_thread_get_info
1281
      cyg_thread_find
1282
      Get basic thread information
1283
    
1284
 
1285
    
1286
      
1287
        
1288
#include <cyg/kernel/kapi.h>
1289
        
1290
        
1291
          cyg_handle_t cyg_thread_self
1292
          
1293
        
1294
        
1295
          cyg_handle_t cyg_thread_idle_thread
1296
          
1297
        
1298
        
1299
          cyg_addrword_t cyg_thread_get_stack_base
1300
          cyg_handle_t thread
1301
        
1302
        
1303
          cyg_uint32 cyg_thread_get_stack_size
1304
          cyg_handle_t thread
1305
        
1306
        
1307
          cyg_uint32 cyg_thread_measure_stack_usage
1308
          cyg_handle_t thread
1309
        
1310
        
1311
          cyg_bool cyg_thread_get_next
1312
          cyg_handle_t *thread
1313
          cyg_uint16 *id
1314
        
1315
        
1316
          cyg_bool cyg_thread_get_info
1317
          cyg_handle_t thread
1318
          cyg_uint16 id
1319
          cyg_thread_info *info
1320
        
1321
        
1322
          cyg_handle_t cyg_thread_find
1323
          cyg_uint16 id
1324
        
1325
      
1326
    
1327
 
1328
    Description
1329
      
1330
These functions can be used to obtain some basic information about
1331
various threads in the system. Typically they serve little or no
1332
purpose in real applications, but they can be useful during debugging.
1333
      
1334
      
1335
cyg_thread_self returns a handle corresponding
1336
to the current thread. It will be the same as the value filled in by
1337
cyg_thread_create when the current thread was
1338
created. This handle can then be passed to other functions such as
1339
cyg_thread_get_priority.
1340
      
1341
      
1342
cyg_thread_idle_thread returns the handle
1343
corresponding to the idle thread. This thread is created automatically
1344
by the kernel, so application-code has no other way of getting hold of
1345
this information.
1346
      
1347
      
1348
cyg_thread_get_stack_base and
1349
cyg_thread_get_stack_size return information
1350
about a specific thread's stack. The values returned will match the
1351
values passed to cyg_thread_create when this
1352
thread was created.
1353
      
1354
      
1355
cyg_thread_measure_stack_usage is only available
1356
if the configuration option
1357
CYGFUN_KERNEL_THREADS_STACK_MEASUREMENT is enabled.
1358
The return value is the maximum number of bytes of stack space used so
1359
far by the specified thread. Note that this should not be considered a
1360
true upper bound, for example it is possible that in the current test
1361
run the specified thread has not yet been interrupted at the deepest
1362
point in the function call graph. Never the less the value returned
1363
can give some useful indication of the thread's stack requirements.
1364
      
1365
      
1366
cyg_thread_get_next is used to enumerate all the
1367
current threads in the system. It should be called initially with the
1368
locations pointed to by thread and
1369
id set to zero. On return these will be set to
1370
the handle and ID of the first thread. On subsequent calls, these
1371
parameters should be left set to the values returned by the previous
1372
call.  The handle and ID of the next thread in the system will be
1373
installed each time, until a false return value
1374
indicates the end of the list.
1375
      
1376
      
1377
cyg_thread_get_info fills in the
1378
cyg_thread_info structure with information about the
1379
thread described by the thread and
1380
id arguments. The information returned includes
1381
the thread's handle and id, its state and name, priorities and stack
1382
parameters. If the thread does not exist the function returns
1383
false.
1384
    
1385
    
1386
The cyg_thread_info structure is defined as follows by
1387
<cyg/kernel/kapi.h>, but may
1388
be extended in future with additional members, and so its size should
1389
not be relied upon:
1390
1391
typedef struct
1392
{
1393
    cyg_handle_t        handle;
1394
    cyg_uint16          id;
1395
    cyg_uint32          state;
1396
    char                *name;
1397
    cyg_priority_t      set_pri;
1398
    cyg_priority_t      cur_pri;
1399
    cyg_addrword_t      stack_base;
1400
    cyg_uint32          stack_size;
1401
    cyg_uint32          stack_used;
1402
} cyg_thread_info;
1403
1404
    
1405
    
1406
cyg_thread_find returns a handle for the thread
1407
whose ID is id. If no such thread exists, a
1408
zero handle is returned.
1409
    
1410
    
1411
 
1412
    Valid contexts
1413
      
1414
cyg_thread_self may only be called from thread
1415
context. cyg_thread_idle_thread may be called
1416
from thread or DSR context, but only after the system has been
1417
initialized. cyg_thread_get_stack_base,
1418
cyg_thread_get_stack_size and
1419
cyg_thread_measure_stack_usage may be called
1420
any time after the specified thread has been created, but measuring
1421
stack usage involves looping over at least part of the thread's stack
1422
so this should normally only be done from thread context.
1423
      
1424
    
1425
 
1426
    Examples
1427
      
1428
A simple example of the use of the
1429
cyg_thread_get_next and
1430
cyg_thread_get_info follows:
1431
      
1432
      
1433
 
1434
#include <cyg/kernel/kapi.h>
1435
#include <stdio.h>
1436
 
1437
void show_threads(void)
1438
{
1439
    cyg_handle_t thread = 0;
1440
    cyg_uint16 id = 0;
1441
 
1442
    while( cyg_thread_get_next( &thread, &id ) )
1443
    {
1444
        cyg_thread_info info;
1445
 
1446
        if( !cyg_thread_get_info( thread, id, &info ) )
1447
            break;
1448
 
1449
        printf("ID: %04x name: %10s pri: %d\n",
1450
                info.id, info.name?info.name:"----", info.set_pri );
1451
    }
1452
}
1453
 
1454
      
1455
    
1456
 
1457
  
1458
 
1459
1460
1461
 
1462
  
1463
 
1464
    
1465
    Thread control
1466
    
1467
 
1468
    
1469
      cyg_thread_yield
1470
      cyg_thread_delay
1471
      cyg_thread_suspend
1472
      cyg_thread_resume
1473
      cyg_thread_release
1474
      Control whether or not a thread is running
1475
    
1476
 
1477
    
1478
      
1479
        
1480
#include <cyg/kernel/kapi.h>
1481
        
1482
        
1483
          void cyg_thread_yield
1484
          
1485
        
1486
        
1487
          void cyg_thread_delay
1488
          cyg_tick_count_t delay
1489
        
1490
        
1491
           void cyg_thread_suspend
1492
           cyg_handle_t thread
1493
        
1494
        
1495
           void cyg_thread_resume
1496
           cyg_handle_t thread
1497
        
1498
        
1499
           void cyg_thread_release
1500
           cyg_handle_t thread
1501
        
1502
      
1503
    
1504
 
1505
    Description
1506
      
1507
These functions provide some control over whether or not a particular
1508
thread can run. Apart from the required use of
1509
cyg_thread_resume to start a newly-created
1510
thread, application code should normally use proper synchronization
1511
primitives such as condition variables or mail boxes.
1512
      
1513
    
1514
 
1515
    Yield
1516
      
1517
cyg_thread_yield allows a thread to relinquish
1518
control of the processor to some other runnable thread which has the
1519
same priority. This can have no effect on any higher-priority thread
1520
since, if such a thread were runnable, the current thread would have
1521
been preempted in its favour. Similarly it can have no effect on any
1522
lower-priority thread because the current thread will always be run in
1523
preference to those. As a consequence this function is only useful
1524
in configurations with a scheduler that allows multiple threads to run
1525
at the same priority, for example the mlqueue scheduler. If instead
1526
the bitmap scheduler was being used then
1527
cyg_thread_yield() would serve no purpose.
1528
      
1529
      
1530
Even if a suitable scheduler such as the mlqueue scheduler has been
1531
configured, cyg_thread_yield will still rarely
1532
prove useful: instead timeslicing will be used to ensure that all
1533
threads of a given priority get a fair slice of the available
1534
processor time. However it is possible to disable timeslicing via the
1535
configuration option CYGSEM_KERNEL_SCHED_TIMESLICE,
1536
in which case cyg_thread_yield can be used to
1537
implement a form of cooperative multitasking.
1538
      
1539
    
1540
 
1541
    Delay
1542
      
1543
cyg_thread_delay allows a thread to suspend until
1544
the specified number of clock ticks have occurred. For example, if a
1545
value of 1 is used and the system clock runs at a frequency of 100Hz
1546
then the thread will sleep for up to 10 milliseconds. This
1547
functionality depends on the presence of a real-time system clock, as
1548
controlled by the configuration option
1549
CYGVAR_KERNEL_COUNTERS_CLOCK.
1550
      
1551
      
1552
If the application requires delays measured in milliseconds or similar
1553
units rather than in clock ticks, some calculations are needed to
1554
convert between these units as described in 
1555
linkend="kernel-clocks">. Usually these calculations can be done by
1556
the application developer, or at compile-time. Performing such
1557
calculations prior to every call to
1558
cyg_thread_delay adds unnecessary overhead to the
1559
system.
1560
      
1561
    
1562
 
1563
    Suspend and Resume
1564
      
1565
Associated with each thread is a suspend counter. When a thread is
1566
first created this counter is initialized to 1.
1567
cyg_thread_suspend can be used to increment the
1568
suspend counter, and cyg_thread_resume decrements
1569
it. The scheduler will never run a thread with a non-zero suspend
1570
counter. Therefore a newly created thread will not run until it has
1571
been resumed.
1572
      
1573
      
1574
An occasional problem with the use of suspend and resume functionality
1575
is that a thread gets suspended more times than it is resumed and
1576
hence never becomes runnable again. This can lead to very confusing
1577
behaviour. To help with debugging such problems the kernel provides a
1578
configuration option
1579
CYGNUM_KERNEL_MAX_SUSPEND_COUNT_ASSERT which
1580
imposes an upper bound on the number of suspend calls without matching
1581
resumes, with a reasonable default value. This functionality depends
1582
on infrastructure assertions being enabled.
1583
      
1584
    
1585
 
1586
    Releasing a Blocked Thread
1587
      
1588
When a thread is blocked on a synchronization primitive such as a
1589
semaphore or a mutex, or when it is waiting for an alarm to trigger,
1590
it can be forcibly woken up using
1591
cyg_thread_release. Typically this will call the
1592
affected synchronization primitive to return false, indicating that
1593
the operation was not completed successfully. This function has to be
1594
used with great care, and in particular it should only be used on
1595
threads that have been designed appropriately and check all return
1596
codes. If instead it were to be used on, say, an arbitrary thread that
1597
is attempting to claim a mutex then that thread might not bother to
1598
check the result of the mutex lock operation - usually there would be
1599
no reason to do so. Therefore the thread will now continue running in
1600
the false belief that it has successfully claimed a mutex lock, and
1601
the resulting behaviour is undefined. If the system has been built
1602
with assertions enabled then it is possible that an assertion will
1603
trigger when the thread tries to release the mutex it does not
1604
actually own.
1605
      
1606
      
1607
The main use of cyg_thread_release is in the
1608
POSIX compatibility layer, where it is used in the implementation of
1609
per-thread signals and cancellation handlers.
1610
      
1611
    
1612
 
1613
    Valid contexts
1614
      
1615
cyg_thread_yield can only be called from thread
1616
context, A DSR must always run to completion and cannot yield the
1617
processor to some thread. cyg_thread_suspend,
1618
cyg_thread_resume, and
1619
cyg_thread_release may be called from thread or
1620
DSR context.
1621
      
1622
    
1623
 
1624
  
1625
 
1626
1627
1628
 
1629
  
1630
 
1631
    
1632
    Thread termination
1633
    
1634
 
1635
    
1636
      cyg_thread_exit
1637
      cyg_thread_kill
1638
      cyg_thread_delete
1639
      Allow threads to terminate
1640
    
1641
 
1642
    
1643
      
1644
        
1645
#include <cyg/kernel/kapi.h>
1646
        
1647
        
1648
          void cyg_thread_exit
1649
          
1650
        
1651
        
1652
          void cyg_thread_kill
1653
          cyg_handle_t thread
1654
        
1655
        
1656
          void cyg_thread_delete
1657
          cyg_handle_t thread
1658
        
1659
      
1660
    
1661
 
1662
    Description
1663
      
1664
In many embedded systems the various threads are allocated statically,
1665
created during initialization, and never need to terminate. This
1666
avoids any need for dynamic memory allocation or other resource
1667
management facilities. However if a given application does have a
1668
requirement that some threads be created dynamically, must terminate,
1669
and their resources such as the stack be reclaimed, then the kernel
1670
provides the functions cyg_thread_exit,
1671
cyg_thread_kill, and
1672
cyg_thread_delete.
1673
      
1674
      
1675
cyg_thread_exit allows a thread to terminate
1676
itself, thus ensuring that it will not be run again by the scheduler.
1677
However the cyg_thread data structure passed
1678
to cyg_thread_create remains in use, and the
1679
handle returned by cyg_thread_create remains
1680
valid. This allows other threads to perform certain operations on the
1681
terminated thread, for example to determine its stack usage via
1682
cyg_thread_measure_stack_usage. When the handle
1683
and cyg_thread structure are no longer
1684
required, cyg_thread_delete should be called to
1685
release these resources. If the stack was dynamically allocated then
1686
this should not be freed until after the call to
1687
cyg_thread_delete.
1688
      
1689
      
1690
Alternatively, one thread may use cyg_thread_kill
1691
on another This has much the same effect as the affected thread
1692
calling cyg_thread_exit. However killing a thread
1693
is generally rather dangerous because no attempt is made to unlock any
1694
synchronization primitives currently owned by that thread or release
1695
any other resources that thread may have claimed. Therefore use of
1696
this function should be avoided, and
1697
cyg_thread_exit is preferred.
1698
cyg_thread_kill cannot be used by a thread to
1699
kill itself.
1700
      
1701
      
1702
cyg_thread_delete should be used on a thread
1703
after it has exited and is no longer required. After this call the
1704
thread handle is no longer valid, and both the
1705
cyg_thread structure and the thread stack can
1706
be re-used or freed. If cyg_thread_delete is
1707
invoked on a thread that is still running then there is an implicit
1708
call to cyg_thread_kill.
1709
      
1710
    
1711
 
1712
    Valid contexts
1713
      
1714
cyg_thread_exit,
1715
cyg_thread_kill and
1716
cyg_thread_delete can only be called from thread
1717
context.
1718
      
1719
    
1720
 
1721
  
1722
 
1723
1724
1725
 
1726
  
1727
 
1728
    
1729
    Thread priorities
1730
    
1731
 
1732
    
1733
      cyg_thread_get_priority
1734
      cyg_thread_get_current_priority
1735
      cyg_thread_set_priority
1736
      Examine and manipulate thread priorities
1737
    
1738
    
1739
      
1740
        
1741
#include <cyg/kernel/kapi.h>
1742
        
1743
        
1744
          cyg_priority_t cyg_thread_get_priority
1745
          cyg_handle_t thread
1746
        
1747
        
1748
          cyg_priority_t cyg_thread_get_current_priority
1749
          cyg_handle_t thread
1750
        
1751
        
1752
          void cyg_thread_set_priority
1753
          cyg_handle_t thread
1754
          cyg_priority_t priority
1755
        
1756
      
1757
    
1758
 
1759
    Description
1760
      
1761
Typical schedulers use the concept of a thread priority to determine
1762
which thread should run next. Exactly what this priority consists of
1763
will depend on the scheduler, but a typical implementation would be a
1764
small integer in the range 0 to 31, with 0 being the highest priority.
1765
Usually only the idle thread will run at the lowest priority. The
1766
exact number of priority levels available depends on the
1767
configuration, typically the option
1768
CYGNUM_KERNEL_SCHED_PRIORITIES.
1769
      
1770
      
1771
cyg_thread_get_priority can be used to determine
1772
the priority of a thread, or more correctly the value last used in a
1773
cyg_thread_set_priority call or when the thread
1774
was first created. In some circumstances it is possible that the
1775
thread is actually running at a higher priority. For example, if it
1776
owns a mutex and priority ceilings or inheritance is being used to
1777
prevent priority inversion problems, then the thread's priority may
1778
have been boosted temporarily.
1779
cyg_thread_get_current_priority returns the real
1780
current priority.
1781
      
1782
      
1783
In many applications appropriate thread priorities can be determined
1784
and allocated statically. However, if it is necessary for a thread's
1785
priority to change at run-time then the
1786
cyg_thread_set_priority function provides this
1787
functionality.
1788
      
1789
    
1790
 
1791
    Valid contexts
1792
      
1793
cyg_thread_get_priority and
1794
cyg_thread_get_current_priority can be called
1795
from thread or DSR context, although the latter is rarely useful.
1796
cyg_thread_set_priority should also only be
1797
called from thread context.
1798
      
1799
    
1800
  
1801
 
1802
1803
1804
 
1805
  
1806
 
1807
    
1808
    Per-thread data
1809
    
1810
 
1811
    
1812
      cyg_thread_new_data_index
1813
      cyg_thread_free_data_index
1814
      cyg_thread_get_data
1815
      cyg_thread_get_data_ptr
1816
      cyg_thread_set_data
1817
      Manipulate per-thread data
1818
    
1819
    
1820
      
1821
        
1822
#include <cyg/kernel/kapi.h>
1823
        
1824
        
1825
          cyg_ucount32 cyg_thread_new_data_index
1826
          
1827
        
1828
        
1829
          void cyg_thread_free_data_index
1830
          cyg_ucount32 index
1831
        
1832
        
1833
          cyg_addrword_t cyg_thread_get_data
1834
          cyg_ucount32 index
1835
        
1836
        
1837
          cyg_addrword_t* cyg_thread_get_data_ptr
1838
          cyg_ucount32 index
1839
        
1840
        
1841
          void cyg_thread_set_data
1842
          cyg_ucount32 index
1843
          cyg_addrword_t data
1844
        
1845
      
1846
    
1847
 
1848
    Description
1849
      
1850
In some applications and libraries it is useful to have some data that
1851
is specific to each thread. For example, many of the functions in the
1852
POSIX compatibility package return -1 to indicate an error and store
1853
additional information in what appears to be a global variable
1854
errno. However, if multiple threads make concurrent
1855
calls into the POSIX library and if errno were
1856
really a global variable then a thread would have no way of knowing
1857
whether the current errno value really corresponded
1858
to the last POSIX call it made, or whether some other thread had run
1859
in the meantime and made a different POSIX call which updated the
1860
variable. To avoid such confusion errno is instead
1861
implemented as a per-thread variable, and each thread has its own
1862
instance.
1863
      
1864
      
1865
The support for per-thread data can be disabled via the configuration
1866
option CYGVAR_KERNEL_THREADS_DATA. If enabled, each
1867
cyg_thread data structure holds a small array
1868
of words. The size of this array is determined by the configuration
1869
option CYGNUM_KERNEL_THREADS_DATA_MAX. When a
1870
thread is created the array is filled with zeroes.
1871
      
1872
      
1873
If an application needs to use per-thread data then it needs an index
1874
into this array which has not yet been allocated to other code. This
1875
index can be obtained by calling
1876
cyg_thread_new_data_index, and then used in
1877
subsequent calls to cyg_thread_get_data.
1878
Typically indices are allocated during system initialization and
1879
stored in static variables. If for some reason a slot in the array is
1880
no longer required and can be re-used then it can be released by calling
1881
cyg_thread_free_data_index,
1882
      
1883
      
1884
The current per-thread data in a given slot can be obtained using
1885
cyg_thread_get_data. This implicitly operates on
1886
the current thread, and its single argument should be an index as
1887
returned by cyg_thread_new_data_index. The
1888
per-thread data can be updated using
1889
cyg_thread_set_data. If a particular item of
1890
per-thread data is needed repeatedly then
1891
cyg_thread_get_data_ptr can be used to obtain the
1892
address of the data, and indirecting through this pointer allows the
1893
data to be examined and updated efficiently.
1894
      
1895
      
1896
Some packages, for example the error and POSIX packages, have
1897
pre-allocated slots in the array of per-thread data. These slots
1898
should not normally be used by application code, and instead slots
1899
should be allocated during initialization by a call to
1900
cyg_thread_new_data_index. If it is known that,
1901
for example, the configuration will never include the POSIX
1902
compatibility package then application code may instead decide to
1903
re-use the slot allocated to that package,
1904
CYGNUM_KERNEL_THREADS_DATA_POSIX, but obviously
1905
this does involve a risk of strange and subtle bugs if the
1906
application's requirements ever change.
1907
      
1908
    
1909
 
1910
    Valid contexts
1911
      
1912
Typically cyg_thread_new_data_index is only
1913
called during initialization, but may also be called at any time in
1914
thread context. cyg_thread_free_data_index, if
1915
used at all, can also be called during initialization or from thread
1916
context. cyg_thread_get_data,
1917
cyg_thread_get_data_ptr, and
1918
cyg_thread_set_data may only be called from
1919
thread context because they implicitly operate on the current thread.
1920
      
1921
    
1922
 
1923
  
1924
 
1925
1926
1927
 
1928
  
1929
 
1930
    
1931
    Thread destructors
1932
    
1933
 
1934
    
1935
      cyg_thread_add_destructor
1936
      cyg_thread_rem_destructor
1937
      Call functions on thread termination
1938
    
1939
    
1940
      
1941
        
1942
#include <cyg/kernel/kapi.h>
1943
typedef void (*cyg_thread_destructor_fn)(cyg_addrword_t);
1944
        
1945
        
1946
          cyg_bool_t cyg_thread_add_destructor
1947
          cyg_thread_destructor_fn fn
1948
          cyg_addrword_t data
1949
        
1950
        
1951
          cyg_bool_t cyg_thread_rem_destructor
1952
          cyg_thread_destructor_fn fn
1953
          cyg_addrword_t data
1954
        
1955
      
1956
    
1957
 
1958
    Description
1959
      
1960
These functions are provided for cases when an application requires a
1961
function to be automatically called when a thread exits. This is often
1962
useful when, for example, freeing up resources allocated by the thread.
1963
      
1964
      
1965
This support must be enabled with the configuration option
1966
CYGPKG_KERNEL_THREADS_DESTRUCTORS. When enabled,
1967
you may register a function of type
1968
cyg_thread_destructor_fn to be called on thread
1969
termination using cyg_thread_add_destructor. You
1970
may also provide it with a piece of arbitrary information in the
1971
data argument which will be passed to the
1972
destructor function fn when the thread
1973
terminates. If you no longer wish to call a function previous
1974
registered with cyg_thread_add_destructor, you
1975
may call cyg_thread_rem_destructor with the same
1976
parameters used to register the destructor function. Both these
1977
functions return true on success and
1978
false on failure.
1979
      
1980
      
1981
By default, thread destructors are per-thread, which means that registering
1982
a destructor function only registers that function for the current thread.
1983
In other words, each thread has its own list of destructors.
1984
Alternatively you may disable the configuration option
1985
CYGSEM_KERNEL_THREADS_DESTRUCTORS_PER_THREAD in which
1986
case any registered destructors will be run when any
1987
threads exit. In other words, the thread destructor list is global and all
1988
threads have the same destructors.
1989
      
1990
      
1991
There is a limit to the number of destructors which may be registered,
1992
which can be controlled with the
1993
CYGNUM_KERNEL_THREADS_DESTRUCTORS configuration
1994
option. Increasing this value will very slightly increase the amount
1995
of memory in use, and when
1996
CYGSEM_KERNEL_THREADS_DESTRUCTORS_PER_THREAD is
1997
enabled, the amount of memory used per thread will increase. When the
1998
limit has been reached, cyg_thread_add_destructor
1999
will return false.
2000
      
2001
    
2002
 
2003
    Valid contexts
2004
      
2005
When CYGSEM_KERNEL_THREADS_DESTRUCTORS_PER_THREAD
2006
is enabled, these functions must only be called from a thread context
2007
as they implicitly operate on the current thread. When
2008
CYGSEM_KERNEL_THREADS_DESTRUCTORS_PER_THREAD is
2009
disabled, these functions may be called from thread or DSR context,
2010
or at initialization time.
2011
      
2012
    
2013
 
2014
  
2015
 
2016
2017
2018
 
2019
  
2020
 
2021
    
2022
    Exception handling
2023
    
2024
 
2025
    
2026
      cyg_exception_set_handler
2027
      cyg_exception_clear_handler
2028
      cyg_exception_call_handler
2029
      Handle processor exceptions
2030
    
2031
    
2032
      
2033
        
2034
#include <cyg/kernel/kapi.h>
2035
        
2036
        
2037
          void cyg_exception_set_handler
2038
          cyg_code_t exception_number
2039
          cyg_exception_handler_t* new_handler
2040
          cyg_addrword_t new_data
2041
          cyg_exception_handler_t** old_handler
2042
          cyg_addrword_t* old_data
2043
        
2044
        
2045
          void cyg_exception_clear_handler
2046
          cyg_code_t exception_number
2047
        
2048
        
2049
          void cyg_exception_call_handler
2050
          cyg_handle_t thread
2051
          cyg_code_t exception_number
2052
          cyg_addrword_t exception_info
2053
        
2054
      
2055
    
2056
 
2057
    Description
2058
      
2059
Sometimes code attempts operations that are not legal on the current
2060
hardware, for example dividing by zero, or accessing data through a
2061
pointer that is not properly aligned. When this happens the hardware
2062
will raise an exception. This is very similar to an interrupt, but
2063
happens synchronously with code execution rather than asynchronously
2064
and hence can be tied to the thread that is currently running.
2065
      
2066
      
2067
The exceptions that can be raised depend very much on the hardware,
2068
especially the processor. The corresponding documentation should be
2069
consulted for more details. Alternatively the architectural HAL header
2070
file hal_intr.h, or one of the
2071
variant or platform header files it includes, will contain appropriate
2072
definitions. The details of how to handle exceptions, including
2073
whether or not it is possible to recover from them, also depend on the
2074
hardware.
2075
      
2076
      
2077
Exception handling is optional, and can be disabled through the
2078
configuration option CYGPKG_KERNEL_EXCEPTIONS. If
2079
an application has been exhaustively tested and is trusted never to
2080
raise a hardware exception then this option can be disabled and code
2081
and data sizes will be reduced somewhat. If exceptions are left
2082
enabled then the system will provide default handlers for the various
2083
exceptions, but these do nothing. Even the specific type of exception
2084
is ignored, so there is no point in attempting to decode this and
2085
distinguish between say a divide-by-zero and an unaligned access.
2086
If the application installs its own handlers and wants details of the
2087
specific exception being raised then the configuration option
2088
CYGSEM_KERNEL_EXCEPTIONS_DECODE has to be enabled.
2089
      
2090
      
2091
An alternative handler can be installed using
2092
cyg_exception_set_handler. This requires a code
2093
for the exception, a function pointer for the new exception handler,
2094
and a parameter to be passed to this handler. Details of the
2095
previously installed exception handler will be returned via the
2096
remaining two arguments, allowing that handler to be reinstated, or
2097
null pointers can be used if this information is of no interest. An
2098
exception handling function should take the following form:
2099
      
2100
      
2101
void
2102
my_exception_handler(cyg_addrword_t data, cyg_code_t exception, cyg_addrword_t info)
2103
{
2104
2105
}
2106
      
2107
      
2108
The data argument corresponds to the new_data
2109
parameter supplied to cyg_exception_set_handler.
2110
The exception code is provided as well, in case a single handler is
2111
expected to support multiple exceptions. The info
2112
argument will depend on the hardware and on the specific exception.
2113
      
2114
      
2115
cyg_exception_clear_handler can be used to
2116
restore the default handler, if desired. It is also possible for
2117
software to raise an exception and cause the current handler to be
2118
invoked, but generally this is useful only for testing.
2119
      
2120
      
2121
By default the system maintains a single set of global exception
2122
handlers. However, since exceptions occur synchronously it is
2123
sometimes useful to handle them on a per-thread basis, and have a
2124
different set of handlers for each thread. This behaviour can be
2125
obtained by disabling the configuration option
2126
CYGSEM_KERNEL_EXCEPTIONS_GLOBAL. If per-thread
2127
exception handlers are being used then
2128
cyg_exception_set_handler and
2129
cyg_exception_clear_handler apply to the current
2130
thread. Otherwise they apply to the global set of handlers.
2131
      
2132
 
2133
      
2134
In the current implementation
2135
cyg_exception_call_handler can only be used on
2136
the current thread. There is no support for delivering an exception to
2137
another thread.
2138
      
2139
      
2140
Exceptions at the eCos kernel level refer specifically to
2141
hardware-related events such as unaligned accesses to memory or
2142
division by zero. There is no relation with other concepts that are
2143
also known as exceptions, for example the throw and
2144
catch facilities associated with C++.
2145
      
2146
 
2147
    
2148
 
2149
    Valid contexts
2150
      
2151
If the system is configured with a single set of global exception
2152
handlers then
2153
cyg_exception_set_handler and
2154
cyg_exception_clear_handler may be called during
2155
initialization or from thread context. If instead per-thread exception
2156
handlers are being used then it is not possible to install new
2157
handlers during initialization because the functions operate
2158
implicitly on the current thread, so they can only be called from
2159
thread context. cyg_exception_call_handler should
2160
only be called from thread context.
2161
      
2162
    
2163
 
2164
  
2165
 
2166
2167
2168
 
2169
  
2170
 
2171
    
2172
    Counters
2173
    
2174
 
2175
    
2176
      cyg_counter_create
2177
      cyg_counter_delete
2178
      cyg_counter_current_value
2179
      cyg_counter_set_value
2180
      cyg_counter_tick
2181
      Count event occurrences
2182
    
2183
 
2184
    
2185
      
2186
        
2187
#include <cyg/kernel/kapi.h>
2188
        
2189
        
2190
          void cyg_counter_create
2191
          cyg_handle_t* handle
2192
          cyg_counter* counter
2193
        
2194
        
2195
          void cyg_counter_delete
2196
          cyg_handle_t counter
2197
        
2198
        
2199
          cyg_tick_count_t cyg_counter_current_value
2200
          cyg_handle_t counter
2201
        
2202
        
2203
          void cyg_counter_set_value
2204
          cyg_handle_t counter
2205
          cyg_tick_count_t new_value
2206
        
2207
        
2208
          void cyg_counter_tick
2209
          cyg_handle_t counter
2210
        
2211
      
2212
    
2213
 
2214
    Description
2215
      
2216
Kernel counters can be used to keep track of how many times a
2217
particular event has occurred. Usually this event is an external
2218
signal of some sort. The most common use of counters is in the
2219
implementation of clocks, but they can be useful with other event
2220
sources as well. Application code can attach 
2221
linkend="kernel-alarms">alarms to counters, causing a function
2222
to be called when some number of events have occurred.
2223
      
2224
      
2225
A new counter is initialized by a call to
2226
cyg_counter_create. The first argument is used to
2227
return a handle to the new counter which can be used for subsequent
2228
operations. The second argument allows the application to provide the
2229
memory needed for the object, thus eliminating any need for dynamic
2230
memory allocation within the kernel. If a counter is no longer
2231
required and does not have any alarms attached then
2232
cyg_counter_delete can be used to release the
2233
resources, allowing the cyg_counter data
2234
structure to be re-used.
2235
      
2236
      
2237
Initializing a counter does not automatically attach it to any source
2238
of events. Instead some other code needs to call
2239
cyg_counter_tick whenever a suitable event
2240
occurs, which will cause the counter to be incremented and may cause
2241
alarms to trigger. The current value associated with the counter can
2242
be retrieved using cyg_counter_current_value and
2243
modified with cyg_counter_set_value. Typically
2244
the latter function is only used during initialization, for example to
2245
set a clock to wallclock time, but it can be used to reset a counter
2246
if necessary. However cyg_counter_set_value will
2247
never trigger any alarms. A newly initialized counter has a starting
2248
value of 0.
2249
      
2250
      
2251
The kernel provides two different implementations of counters. The
2252
default is CYGIMP_KERNEL_COUNTERS_SINGLE_LIST which
2253
stores all alarms attached to the counter on a single list. This is
2254
simple and usually efficient. However when a tick occurs the kernel
2255
code has to traverse this list, typically at DSR level, so if there
2256
are a significant number of alarms attached to a single counter this
2257
will affect the system's dispatch latency. The alternative
2258
implementation, CYGIMP_KERNEL_COUNTERS_MULTI_LIST,
2259
stores each alarm in one of an array of lists such that at most one of
2260
the lists needs to be searched per clock tick. This involves extra
2261
code and data, but can improve real-time responsiveness in some
2262
circumstances. Another configuration option that is relevant here
2263
is CYGIMP_KERNEL_COUNTERS_SORT_LIST, which is
2264
disabled by default. This provides a trade off between doing work
2265
whenever a new alarm is added to a counter and doing work whenever a
2266
tick occurs. It is application-dependent which of these is more
2267
appropriate.
2268
      
2269
    
2270
 
2271
    Valid contexts
2272
      
2273
cyg_counter_create is typically called during
2274
system initialization but may also be called in thread context.
2275
Similarly cyg_counter_delete may be called during
2276
initialization or in thread context.
2277
cyg_counter_current_value,
2278
cyg_counter_set_value and
2279
cyg_counter_tick may be called during
2280
initialization or from thread or DSR context. In fact,
2281
cyg_counter_tick is usually called from inside a
2282
DSR in response to an external event of some sort.
2283
      
2284
    
2285
 
2286
  
2287
 
2288
2289
2290
 
2291
  
2292
 
2293
    
2294
    Clocks
2295
    
2296
 
2297
    
2298
      cyg_clock_create
2299
      cyg_clock_delete
2300
      cyg_clock_to_counter
2301
      cyg_clock_set_resolution
2302
      cyg_clock_get_resolution
2303
      cyg_real_time_clock
2304
      cyg_current_time
2305
      Provide system clocks
2306
    
2307
 
2308
    
2309
      
2310
        
2311
#include <cyg/kernel/kapi.h>
2312
        
2313
        
2314
          void cyg_clock_create
2315
          cyg_resolution_t resolution
2316
          cyg_handle_t* handle
2317
          cyg_clock* clock
2318
        
2319
        
2320
          void cyg_clock_delete
2321
          cyg_handle_t clock
2322
        
2323
        
2324
          void cyg_clock_to_counter
2325
          cyg_handle_t clock
2326
          cyg_handle_t* counter
2327
        
2328
        
2329
          void cyg_clock_set_resolution
2330
          cyg_handle_t clock
2331
          cyg_resolution_t resolution
2332
        
2333
        
2334
          cyg_resolution_t cyg_clock_get_resolution
2335
          cyg_handle_t clock
2336
        
2337
        
2338
          cyg_handle_t cyg_real_time_clock
2339
          
2340
        
2341
        
2342
          cyg_tick_count_t cyg_current_time
2343
          
2344
        
2345
      
2346
    
2347
 
2348
    Description
2349
      
2350
In the eCos kernel clock objects are a special form of 
2351
linkend="kernel-counters">counter objects. They are attached to
2352
a specific type of hardware, clocks that generate ticks at very
2353
specific time intervals, whereas counters can be used with any event
2354
source.
2355
      
2356
      
2357
In a default configuration the kernel provides a single clock
2358
instance, the real-time clock. This gets used for timeslicing and for
2359
operations that involve a timeout, for example
2360
cyg_semaphore_timed_wait. If this functionality
2361
is not required it can be removed from the system using the
2362
configuration option CYGVAR_KERNEL_COUNTERS_CLOCK.
2363
Otherwise the real-time clock can be accessed by a call to
2364
cyg_real_time_clock, allowing applications to
2365
attach alarms, and the current counter value can be obtained using
2366
cyg_current_time.
2367
      
2368
      
2369
Applications can create and destroy additional clocks if desired,
2370
using cyg_clock_create and
2371
cyg_clock_delete. The first argument to
2372
cyg_clock_create specifies the
2373
resolution this clock
2374
will run at. The second argument is used to return a handle for this
2375
clock object, and the third argument provides the kernel with the
2376
memory needed to hold this object. This clock will not actually tick
2377
by itself. Instead it is the responsibility of application code to
2378
initialize a suitable hardware timer to generate interrupts at the
2379
appropriate frequency, install an interrupt handler for this, and
2380
call cyg_counter_tick from inside the DSR.
2381
Associated with each clock is a kernel counter, a handle for which can
2382
be obtained using cyg_clock_to_counter.
2383
      
2384
    
2385
 
2386
    Clock Resolutions and Ticks
2387
      
2388
At the kernel level all clock-related operations including delays,
2389
timeouts and alarms work in units of clock ticks, rather than in units
2390
of seconds or milliseconds. If the calling code, whether the
2391
application or some other package, needs to operate using units such
2392
as milliseconds then it has to convert from these units to clock
2393
ticks.
2394
      
2395
      
2396
The main reason for this is that it accurately reflects the
2397
hardware: calling something like nanosleep with a
2398
delay of ten nanoseconds will not work as intended on any real
2399
hardware because timer interrupts simply will not happen that
2400
frequently; instead calling cyg_thread_delay with
2401
the equivalent delay of 0 ticks gives a much clearer indication that
2402
the application is attempting something inappropriate for the target
2403
hardware. Similarly, passing a delay of five ticks to
2404
cyg_thread_delay makes it fairly obvious that
2405
the current thread will be suspended for somewhere between four and
2406
five clock periods, as opposed to passing 50000000 to
2407
nanosleep which suggests a granularity that is
2408
not actually provided.
2409
      
2410
      
2411
A secondary reason is that conversion between clock ticks and units
2412
such as milliseconds can be somewhat expensive, and whenever possible
2413
should be done at compile-time or by the application developer rather
2414
than at run-time. This saves code size and cpu cycles.
2415
      
2416
      
2417
The information needed to perform these conversions is the clock
2418
resolution. This is a structure with two fields, a dividend and a
2419
divisor, and specifies the number of nanoseconds between clock ticks.
2420
For example a clock that runs at 100Hz will have 10 milliseconds
2421
between clock ticks, or 10000000 nanoseconds. The ratio between the
2422
resolution's dividend and divisor will therefore be 10000000 to 1, and
2423
typical values for these might be 1000000000 and 100. If the clock
2424
runs at a different frequency, say 60Hz, the numbers could be
2425
1000000000 and 60 respectively. Given a delay in nanoseconds, this can
2426
be converted to clock ticks by multiplying with the the divisor and
2427
then dividing by the dividend. For example a delay of 50 milliseconds
2428
corresponds to 50000000 nanoseconds, and with a clock frequency of
2429
100Hz this can be converted to
2430
((50000000 * 100) / 1000000000) = 5
2431
clock ticks. Given the large numbers involved this arithmetic normally
2432
has to be done using 64-bit precision and the
2433
long long data type, but allows code to run on
2434
hardware with unusual clock frequencies.
2435
      
2436
      
2437
The default frequency for the real-time clock on any platform is
2438
usually about 100Hz, but platform-specific documentation should be
2439
consulted for this information. Usually it is possible to override
2440
this default by configuration options, but again this depends on the
2441
capabilities of the underlying hardware. The resolution for any clock
2442
can be obtained using cyg_clock_get_resolution.
2443
For clocks created by application code, there is also a function
2444
cyg_clock_set_resolution. This does not affect
2445
the underlying hardware timer in any way, it merely updates the
2446
information that will be returned in subsequent calls to
2447
cyg_clock_get_resolution: changing the actual
2448
underlying clock frequency will require appropriate manipulation of
2449
the timer hardware.
2450
      
2451
    
2452
 
2453
    Valid contexts
2454
      
2455
cyg_clock_create is usually only called during
2456
system initialization (if at all), but may also be called from thread
2457
context. The same applies to cyg_clock_delete.
2458
The remaining functions may be called during initialization, from
2459
thread context, or from DSR context, although it should be noted that
2460
there is no locking between
2461
cyg_clock_get_resolution and
2462
cyg_clock_set_resolution so theoretically it is
2463
possible that the former returns an inconsistent data structure.
2464
      
2465
    
2466
 
2467
  
2468
 
2469
2470
2471
 
2472
  
2473
 
2474
    
2475
    Alarms
2476
    
2477
 
2478
    
2479
      cyg_alarm_create
2480
      cyg_alarm_delete
2481
      cyg_alarm_initialize
2482
      cyg_alarm_enable
2483
      cyg_alarm_disable
2484
      Run an alarm function when a number of events have occurred
2485
    
2486
 
2487
    
2488
      
2489
        
2490
#include <cyg/kernel/kapi.h>
2491
        
2492
        
2493
          void cyg_alarm_create
2494
          cyg_handle_t counter
2495
          cyg_alarm_t* alarmfn
2496
          cyg_addrword_t data
2497
          cyg_handle_t* handle
2498
          cyg_alarm* alarm
2499
        
2500
        
2501
          void cyg_alarm_delete
2502
          cyg_handle_t alarm
2503
        
2504
        
2505
          void cyg_alarm_initialize
2506
          cyg_handle_t alarm
2507
          cyg_tick_count_t trigger
2508
          cyg_tick_count_t interval
2509
        
2510
        
2511
          void cyg_alarm_enable
2512
          cyg_handle_t alarm
2513
        
2514
        
2515
          void cyg_alarm_disable
2516
          cyg_handle_t alarm
2517
        
2518
      
2519
    
2520
 
2521
    Description
2522
      
2523
Kernel alarms are used together with counters and allow for action to
2524
be taken when a certain number of events have occurred. If the counter
2525
is associated with a clock then the alarm action happens when the
2526
appropriate number of clock ticks have occurred, in other words after
2527
a certain period of time.
2528
      
2529
      
2530
Setting up an alarm involves a two-step process. First the alarm must
2531
be created with a call to cyg_alarm_create. This
2532
takes five arguments. The first identifies the counter to which the
2533
alarm should be attached. If the alarm should be attached to the
2534
system's real-time clock then cyg_real_time_clock
2535
and cyg_clock_to_counter can be used to get hold
2536
of the appropriate handle. The next two arguments specify the action
2537
to be taken when the alarm is triggered, in the form of a function
2538
pointer and some data. This function should take the form:
2539
      
2540
      
2541
void
2542
alarm_handler(cyg_handle_t alarm, cyg_addrword_t data)
2543
{
2544
2545
}
2546
      
2547
      
2548
The data argument passed to the alarm function corresponds to the
2549
third argument passed to cyg_alarm_create.
2550
The fourth argument to cyg_alarm_create is used
2551
to return a handle to the newly-created alarm object, and the final
2552
argument provides the memory needed for the alarm object and thus
2553
avoids any need for dynamic memory allocation within the kernel.
2554
      
2555
      
2556
Once an alarm has been created a further call to
2557
cyg_alarm_initialize is needed to activate it.
2558
The first argument specifies the alarm. The second argument indicates
2559
the number of events, for example clock ticks, that need to occur
2560
before the alarm triggers. If the third argument is 0 then the alarm
2561
will only trigger once. A non-zero value specifies that the alarm
2562
should trigger repeatedly, with an interval of the specified number of
2563
events.
2564
      
2565
      
2566
Alarms can be temporarily disabled and reenabled using
2567
cyg_alarm_disable and
2568
cyg_alarm_enable. Alternatively another call to
2569
cyg_alarm_initialize can be used to modify the
2570
behaviour of an existing alarm. If an alarm is no longer required then
2571
the associated resources can be released using
2572
cyg_alarm_delete.
2573
      
2574
      
2575
The alarm function is invoked when a counter tick occurs, in other
2576
words when there is a call to cyg_counter_tick,
2577
and will happen in the same context. If the alarm is associated with
2578
the system's real-time clock then this will be DSR context, following
2579
a clock interrupt. If the alarm is associated with some other
2580
application-specific counter then the details will depend on how that
2581
counter is updated.
2582
      
2583
      
2584
If two or more alarms are registered for precisely the same counter tick,
2585
the order of execution of the alarm functions is unspecified.
2586
      
2587
    
2588
 
2589
    Valid contexts
2590
      
2591
cyg_alarm_create
2592
cyg_alarm_initialize is typically called during
2593
system initialization but may also be called in thread context. The
2594
same applies to cyg_alarm_delete.
2595
cyg_alarm_initialize,
2596
cyg_alarm_disable and
2597
cyg_alarm_enable may be called during
2598
initialization or from thread or DSR context, but
2599
cyg_alarm_enable and
2600
cyg_alarm_initialize may be expensive operations
2601
and should only be called when necessary.
2602
      
2603
    
2604
 
2605
  
2606
 
2607
2608
2609
 
2610
  
2611
 
2612
    
2613
    Mutexes
2614
    
2615
 
2616
    
2617
      cyg_mutex_init
2618
      cyg_mutex_destroy
2619
      cyg_mutex_lock
2620
      cyg_mutex_trylock
2621
      cyg_mutex_unlock
2622
      cyg_mutex_release
2623
      cyg_mutex_set_ceiling
2624
      cyg_mutex_set_protocol
2625
      Synchronization primitive
2626
    
2627
 
2628
    
2629
      
2630
        
2631
#include <cyg/kernel/kapi.h>
2632
        
2633
        
2634
          void cyg_mutex_init
2635
          cyg_mutex_t* mutex
2636
        
2637
        
2638
          void cyg_mutex_destroy
2639
          cyg_mutex_t* mutex
2640
        
2641
        
2642
          cyg_bool_t cyg_mutex_lock
2643
          cyg_mutex_t* mutex
2644
        
2645
        
2646
          cyg_bool_t cyg_mutex_trylock
2647
          cyg_mutex_t* mutex
2648
        
2649
        
2650
          void cyg_mutex_unlock
2651
          cyg_mutex_t* mutex
2652
        
2653
        
2654
          void cyg_mutex_release
2655
          cyg_mutex_t* mutex
2656
        
2657
        
2658
          void cyg_mutex_set_ceiling
2659
          cyg_mutex_t* mutex
2660
          cyg_priority_t priority
2661
        
2662
        
2663
          void cyg_mutex_set_protocol
2664
          cyg_mutex_t* mutex
2665
          enum cyg_mutex_protocol protocol/
2666
        
2667
      
2668
    
2669
 
2670
    Description
2671
      
2672
The purpose of mutexes is to let threads share resources safely. If
2673
two or more threads attempt to manipulate a data structure with no
2674
locking between them then the system may run for quite some time
2675
without apparent problems, but sooner or later the data structure will
2676
become inconsistent and the application will start behaving strangely
2677
and is quite likely to crash. The same can apply even when
2678
manipulating a single variable or some other resource. For example,
2679
consider:
2680
      
2681
2682
static volatile int counter = 0;
2683
 
2684
void
2685
process_event(void)
2686
{
2687
2688
 
2689
    counter++;
2690
}
2691
2692
      
2693
Assume that after a certain period of time counter
2694
has a value of 42, and two threads A and B running at the same
2695
priority call process_event. Typically thread A
2696
will read the value of counter into a register,
2697
increment this register to 43, and write this updated value back to
2698
memory. Thread B will do the same, so usually
2699
counter will end up with a value of 44. However if
2700
thread A is timesliced after reading the old value 42 but before
2701
writing back 43, thread B will still read back the old value and will
2702
also write back 43. The net result is that the counter only gets
2703
incremented once, not twice, which depending on the application may
2704
prove disastrous.
2705
      
2706
      
2707
Sections of code like the above which involve manipulating shared data
2708
are generally known as critical regions. Code should claim a lock
2709
before entering a critical region and release the lock when leaving.
2710
Mutexes provide an appropriate synchronization primitive for this.
2711
      
2712
      
2713
static volatile int counter = 0;
2714
static cyg_mutex_t  lock;
2715
 
2716
void
2717
process_event(void)
2718
{
2719
2720
 
2721
    cyg_mutex_lock(&lock);
2722
    counter++;
2723
    cyg_mutex_unlock(&lock);
2724
}
2725
      
2726
      
2727
A mutex must be initialized before it can be used, by calling
2728
cyg_mutex_init. This takes a pointer to a
2729
cyg_mutex_t data structure which is typically
2730
statically allocated, and may be part of a larger data structure. If a
2731
mutex is no longer required and there are no threads waiting on it
2732
then cyg_mutex_destroy can be used.
2733
      
2734
      
2735
The main functions for using a mutex are
2736
cyg_mutex_lock and
2737
cyg_mutex_unlock. In normal operation
2738
cyg_mutex_lock will return success after claiming
2739
the mutex lock, blocking if another thread currently owns the mutex.
2740
However the lock operation may fail if other code calls
2741
cyg_mutex_release or
2742
cyg_thread_release, so if these functions may get
2743
used then it is important to check the return value. The current owner
2744
of a mutex should call cyg_mutex_unlock when a
2745
lock is no longer required. This operation must be performed by the
2746
owner, not by another thread.
2747
      
2748
      
2749
cyg_mutex_trylock is a variant of
2750
cyg_mutex_lock that will always return
2751
immediately, returning success or failure as appropriate. This
2752
function is rarely useful. Typical code locks a mutex just before
2753
entering a critical region, so if the lock cannot be claimed then
2754
there may be nothing else for the current thread to do. Use of this
2755
function may also cause a form of priority inversion if the owner
2756
owner runs at a lower priority, because the priority inheritance code
2757
will not be triggered. Instead the current thread continues running,
2758
preventing the owner from getting any cpu time, completing the
2759
critical region, and releasing the mutex.
2760
      
2761
      
2762
cyg_mutex_release can be used to wake up all
2763
threads that are currently blocked inside a call to
2764
cyg_mutex_lock for a specific mutex. These lock
2765
calls will return failure. The current mutex owner is not affected.
2766
      
2767
    
2768
 
2769
    Priority Inversion
2770
      
2771
The use of mutexes gives rise to a problem known as priority
2772
inversion. In a typical scenario this requires three threads A, B, and
2773
C, running at high, medium and low priority respectively. Thread A and
2774
thread B are temporarily blocked waiting for some event, so thread C
2775
gets a chance to run, needs to enter a critical region, and locks
2776
a mutex. At this point threads A and B are woken up - the exact order
2777
does not matter. Thread A needs to claim the same mutex but has to
2778
wait until C has left the critical region and can release the mutex.
2779
Meanwhile thread B works on something completely different and can
2780
continue running without problems. Because thread C is running a lower
2781
priority than B it will not get a chance to run until B blocks for
2782
some reason, and hence thread A cannot run either. The overall effect
2783
is that a high-priority thread A cannot proceed because of a lower
2784
priority thread B, and priority inversion has occurred.
2785
      
2786
      
2787
In simple applications it may be possible to arrange the code such
2788
that priority inversion cannot occur, for example by ensuring that a
2789
given mutex is never shared by threads running at different priority
2790
levels. However this may not always be possible even at the
2791
application level. In addition mutexes may be used internally by
2792
underlying code, for example the memory allocation package, so careful
2793
analysis of the whole system would be needed to be sure that priority
2794
inversion cannot occur. Instead it is common practice to use one of
2795
two techniques: priority ceilings and priority inheritance.
2796
      
2797
      
2798
Priority ceilings involve associating a priority with each mutex.
2799
Usually this will match the highest priority thread that will ever
2800
lock the mutex. When a thread running at a lower priority makes a
2801
successful call to cyg_mutex_lock or
2802
cyg_mutex_trylock its priority will be boosted to
2803
that of the mutex. For example, given the previous example the
2804
priority associated with the mutex would be that of thread A, so for
2805
as long as it owns the mutex thread C will run in preference to thread
2806
B. When C releases the mutex its priority drops to the normal value
2807
again, allowing A to run and claim the mutex. Setting the
2808
priority for a mutex involves a call to
2809
cyg_mutex_set_ceiling, which is typically called
2810
during initialization. It is possible to change the ceiling
2811
dynamically but this will only affect subsequent lock operations, not
2812
the current owner of the mutex.
2813
      
2814
      
2815
Priority ceilings are very suitable for simple applications, where for
2816
every thread in the system it is possible to work out which mutexes
2817
will be accessed. For more complicated applications this may prove
2818
difficult, especially if thread priorities change at run-time. An
2819
additional problem occurs for any mutexes outside the application, for
2820
example used internally within eCos packages. A typical eCos package
2821
will be unaware of the details of the various threads in the system,
2822
so it will have no way of setting suitable ceilings for its internal
2823
mutexes. If those mutexes are not exported to application code then
2824
using priority ceilings may not be viable. The kernel does provide a
2825
configuration option
2826
CYGSEM_KERNEL_SYNCH_MUTEX_PRIORITY_INVERSION_PROTOCOL_DEFAULT_PRIORITY
2827
that can be used to set the default priority ceiling for all mutexes,
2828
which may prove sufficient.
2829
      
2830
      
2831
The alternative approach is to use priority inheritance: if a thread
2832
calls cyg_mutex_lock for a mutex that it
2833
currently owned by a lower-priority thread, then the owner will have
2834
its priority raised to that of the current thread. Often this is more
2835
efficient than priority ceilings because priority boosting only
2836
happens when necessary, not for every lock operation, and the required
2837
priority is determined at run-time rather than by static analysis.
2838
However there are complications when multiple threads running at
2839
different priorities try to lock a single mutex, or when the current
2840
owner of a mutex then tries to lock additional mutexes, and this makes
2841
the implementation significantly more complicated than priority
2842
ceilings.
2843
      
2844
      
2845
There are a number of configuration options associated with priority
2846
inversion. First, if after careful analysis it is known that priority
2847
inversion cannot arise then the component
2848
CYGSEM_KERNEL_SYNCH_MUTEX_PRIORITY_INVERSION_PROTOCOL
2849
can be disabled. More commonly this component will be enabled, and one
2850
of either
2851
CYGSEM_KERNEL_SYNCH_MUTEX_PRIORITY_INVERSION_PROTOCOL_INHERIT
2852
or
2853
CYGSEM_KERNEL_SYNCH_MUTEX_PRIORITY_INVERSION_PROTOCOL_CEILING
2854
will be selected, so that one of the two protocols is available for
2855
all mutexes. It is possible to select multiple protocols, so that some
2856
mutexes can have priority ceilings while others use priority
2857
inheritance or no priority inversion protection at all. Obviously this
2858
flexibility will add to the code size and to the cost of mutex
2859
operations. The default for all mutexes will be controlled by
2860
CYGSEM_KERNEL_SYNCH_MUTEX_PRIORITY_INVERSION_PROTOCOL_DEFAULT,
2861
and can be changed at run-time using
2862
cyg_mutex_set_protocol.
2863
      
2864
      
2865
Priority inversion problems can also occur with other synchronization
2866
primitives such as semaphores. For example there could be a situation
2867
where a high-priority thread A is waiting on a semaphore, a
2868
low-priority thread C needs to do just a little bit more work before
2869
posting the semaphore, but a medium priority thread B is running and
2870
preventing C from making progress. However a semaphore does not have
2871
the concept of an owner, so there is no way for the system to know
2872
that it is thread C which would next post to the semaphore. Hence
2873
there is no way for the system to boost the priority of C
2874
automatically and prevent the priority inversion. Instead situations
2875
like this have to be detected by application developers and
2876
appropriate precautions have to be taken, for example making sure that
2877
all the threads run at suitable priorities at all times.
2878
      
2879
      
2880
The current implementation of priority inheritance within the eCos
2881
kernel does not handle certain exceptional circumstances completely
2882
correctly. Problems will only arise if a thread owns one mutex,
2883
then attempts to claim another mutex, and there are other threads
2884
attempting to lock these same mutexes. Although the system will
2885
continue running, the current owners of the various mutexes involved
2886
may not run at the priority they should. This situation never arises
2887
in typical code because a mutex will only be locked for a small
2888
critical region, and there is no need to manipulate other shared resources
2889
inside this region. A more complicated implementation of priority
2890
inheritance is possible but would add significant overhead and certain
2891
operations would no longer be deterministic.
2892
      
2893
      
2894
Support for priority ceilings and priority inheritance is not
2895
implemented for all schedulers. In particular neither priority
2896
ceilings nor priority inheritance are currently available for the
2897
bitmap scheduler.
2898
      
2899
    
2900
 
2901
    Alternatives
2902
      
2903
In nearly all circumstances, if two or more threads need to share some
2904
data then protecting this data with a mutex is the correct thing to
2905
do. Mutexes are the only primitive that combine a locking mechanism
2906
and protection against priority inversion problems. However this
2907
functionality is achieved at a cost, and in exceptional circumstances
2908
such as an application's most critical inner loop it may be desirable
2909
to use some other means of locking.
2910
      
2911
      
2912
When a critical region is very very small it is possible to lock the
2913
scheduler, thus ensuring that no other thread can run until the
2914
scheduler is unlocked again. This is achieved with calls to 
2915
linkend="kernel-schedcontrol">cyg_scheduler_lock
2916
and cyg_scheduler_unlock. If the critical region
2917
is sufficiently small then this can actually improve both performance
2918
and dispatch latency because cyg_mutex_lock also
2919
locks the scheduler for a brief period of time. This approach will not
2920
work on SMP systems because another thread may already be running on a
2921
different processor and accessing the critical region.
2922
      
2923
      
2924
Another way of avoiding the use of mutexes is to make sure that all
2925
threads that access a particular critical region run at the same
2926
priority and configure the system with timeslicing disabled
2927
(CYGSEM_KERNEL_SCHED_TIMESLICE). Without
2928
timeslicing a thread can only be preempted by a higher-priority one,
2929
or if it performs some operation that can block. This approach
2930
requires that none of the operations in the critical region can block,
2931
so for example it is not legal to call
2932
cyg_semaphore_wait. It is also vulnerable to
2933
any changes in the configuration or to the various thread priorities:
2934
any such changes may now have unexpected side effects. It will not
2935
work on SMP systems.
2936
      
2937
    
2938
 
2939
    Recursive Mutexes
2940
      
2941
The implementation of mutexes within the eCos kernel does not support
2942
recursive locks. If a thread has locked a mutex and then attempts to
2943
lock the mutex again, typically as a result of some recursive call in
2944
a complicated call graph, then either an assertion failure will be
2945
reported or the thread will deadlock. This behaviour is deliberate.
2946
When a thread has just locked a mutex associated with some data
2947
structure, it can assume that that data structure is in a consistent
2948
state. Before unlocking the mutex again it must ensure that the data
2949
structure is again in a consistent state. Recursive mutexes allow a
2950
thread to make arbitrary changes to a data structure, then in a
2951
recursive call lock the mutex again while the data structure is still
2952
inconsistent. The net result is that code can no longer make any
2953
assumptions about data structure consistency, which defeats the
2954
purpose of using mutexes.
2955
      
2956
    
2957
 
2958
    Valid contexts
2959
      
2960
cyg_mutex_init,
2961
cyg_mutex_set_ceiling and
2962
cyg_mutex_set_protocol are normally called during
2963
initialization but may also be called from thread context. The
2964
remaining functions should only be called from thread context. Mutexes
2965
serve as a mutual exclusion mechanism between threads, and cannot be
2966
used to synchronize between threads and the interrupt handling
2967
subsystem. If a critical region is shared between a thread and a DSR
2968
then it must be protected using 
2969
linkend="kernel-schedcontrol">cyg_scheduler_lock
2970
and cyg_scheduler_unlock. If a critical region is
2971
shared between a thread and an ISR, it must be protected by disabling
2972
or masking interrupts. Obviously these operations must be used with
2973
care because they can affect dispatch and interrupt latencies.
2974
      
2975
    
2976
 
2977
  
2978
 
2979
2980
2981
 
2982
  
2983
 
2984
    
2985
    Condition Variables
2986
    
2987
 
2988
    
2989
      cyg_cond_init
2990
      cyg_cond_destroy
2991
      cyg_cond_wait
2992
      cyg_cond_timed_wait
2993
      cyg_cond_signal
2994
      cyg_cond_broadcast
2995
      Synchronization primitive
2996
    
2997
 
2998
    
2999
      
3000
        
3001
#include <cyg/kernel/kapi.h>
3002
        
3003
        
3004
          void cyg_cond_init
3005
          cyg_cond_t* cond
3006
          cyg_mutex_t* mutex
3007
        
3008
        
3009
          void cyg_cond_destroy
3010
          cyg_cond_t* cond
3011
        
3012
        
3013
          cyg_bool_t cyg_cond_wait
3014
          cyg_cond_t* cond
3015
        
3016
        
3017
          cyg_bool_t cyg_cond_timed_wait
3018
          cyg_cond_t* cond
3019
          cyg_tick_count_t abstime
3020
        
3021
        
3022
          void cyg_cond_signal
3023
          cyg_cond_t* cond
3024
        
3025
        
3026
          void cyg_cond_broadcast
3027
          cyg_cond_t* cond
3028
        
3029
      
3030
    
3031
 
3032
    Description
3033
 
3034
      
3035
Condition variables are used in conjunction with mutexes to implement
3036
long-term waits for some condition to become true. For example
3037
consider a set of functions that control access to a pool of
3038
resources:
3039
      
3040
 
3041
      
3042
 
3043
cyg_mutex_t res_lock;
3044
res_t res_pool[RES_MAX];
3045
int res_count = RES_MAX;
3046
 
3047
void res_init(void)
3048
{
3049
    cyg_mutex_init(&res_lock);
3050
    <fill pool with resources>
3051
}
3052
 
3053
res_t res_allocate(void)
3054
{
3055
    res_t res;
3056
 
3057
    cyg_mutex_lock(&res_lock);               // lock the mutex
3058
 
3059
    if( res_count == 0 )                     // check for free resource
3060
        res = RES_NONE;                      // return RES_NONE if none
3061
    else
3062
    {
3063
        res_count--;                         // allocate a resources
3064
        res = res_pool[res_count];
3065
    }
3066
 
3067
    cyg_mutex_unlock(&res_lock);             // unlock the mutex
3068
 
3069
    return res;
3070
}
3071
 
3072
void res_free(res_t res)
3073
{
3074
    cyg_mutex_lock(&res_lock);               // lock the mutex
3075
 
3076
    res_pool[res_count] = res;               // free the resource
3077
    res_count++;
3078
 
3079
    cyg_mutex_unlock(&res_lock);             // unlock the mutex
3080
}
3081
      
3082
 
3083
      
3084
These routines use the variable res_count to keep
3085
track of the resources available. If there are none then
3086
res_allocate returns RES_NONE,
3087
which the caller must check for and take appropriate error handling
3088
actions.
3089
      
3090
 
3091
      
3092
Now suppose that we do not want to return
3093
RES_NONE when there are no resources, but want to
3094
wait for one to become available. This is where a condition variable
3095
can be used:
3096
      
3097
 
3098
      
3099
 
3100
cyg_mutex_t res_lock;
3101
cyg_cond_t res_wait;
3102
res_t res_pool[RES_MAX];
3103
int res_count = RES_MAX;
3104
 
3105
void res_init(void)
3106
{
3107
    cyg_mutex_init(&res_lock);
3108
    cyg_cond_init(&res_wait, &res_lock);
3109
    <fill pool with resources>
3110
}
3111
 
3112
res_t res_allocate(void)
3113
{
3114
    res_t res;
3115
 
3116
    cyg_mutex_lock(&res_lock);               // lock the mutex
3117
 
3118
    while( res_count == 0 )                  // wait for a resources
3119
        cyg_cond_wait(&res_wait);
3120
 
3121
    res_count--;                             // allocate a resource
3122
    res = res_pool[res_count];
3123
 
3124
    cyg_mutex_unlock(&res_lock);             // unlock the mutex
3125
 
3126
    return res;
3127
}
3128
 
3129
void res_free(res_t res)
3130
{
3131
    cyg_mutex_lock(&res_lock);               // lock the mutex
3132
 
3133
    res_pool[res_count] = res;               // free the resource
3134
    res_count++;
3135
 
3136
    cyg_cond_signal(&res_wait);              // wake up any waiting allocators
3137
 
3138
    cyg_mutex_unlock(&res_lock);             // unlock the mutex
3139
}
3140
      
3141
 
3142
      
3143
In this version of the code, when res_allocate
3144
detects that there are no resources it calls
3145
cyg_cond_wait. This does two things: it unlocks
3146
the mutex, and puts the calling thread to sleep on the condition
3147
variable. When res_free is eventually called, it
3148
puts a resource back into the pool and calls
3149
cyg_cond_signal to wake up any thread waiting on
3150
the condition variable. When the waiting thread eventually gets to run again,
3151
it will re-lock the mutex before returning from
3152
cyg_cond_wait.
3153
      
3154
 
3155
      
3156
There are two important things to note about the way in which this
3157
code works. The first is that the mutex unlock and wait in
3158
cyg_cond_wait are atomic: no other thread can run
3159
between the unlock and the wait. If this were not the case then a call
3160
to res_free by that thread would release the
3161
resource but the call to cyg_cond_signal would be
3162
lost, and the first thread would end up waiting when there were
3163
resources available.
3164
      
3165
 
3166
      
3167
The second feature is that the call to
3168
cyg_cond_wait is in a while
3169
loop and not a simple if statement. This is because
3170
of the need to re-lock the mutex in cyg_cond_wait
3171
when the signalled thread reawakens. If there are other threads
3172
already queued to claim the lock then this thread must wait. Depending
3173
on the scheduler and the queue order, many other threads may have
3174
entered the critical section before this one gets to run. So the
3175
condition that it was waiting for may have been rendered false. Using
3176
a loop around all condition variable wait operations is the only way
3177
to guarantee that the condition being waited for is still true after
3178
waiting.
3179
      
3180
 
3181
      
3182
Before a condition variable can be used it must be initialized with a
3183
call to cyg_cond_init. This requires two
3184
arguments, memory for the data structure and a pointer to an existing
3185
mutex. This mutex will not be initialized by
3186
cyg_cond_init, instead a separate call to
3187
cyg_mutex_init is required. If a condition
3188
variable is no longer required and there are no threads waiting on it
3189
then cyg_cond_destroy can be used.
3190
      
3191
      
3192
When a thread needs to wait for a condition to be satisfied it can
3193
call cyg_cond_wait. The thread must have already
3194
locked the mutex that was specified in the
3195
cyg_cond_init call. This mutex will be unlocked
3196
and the current thread will be suspended in an atomic operation. When
3197
some other thread performs a signal or broadcast operation the current
3198
thread will be woken up and automatically reclaim ownership of the mutex
3199
again, allowing it to examine global state and determine whether or
3200
not the condition is now satisfied. The kernel supplies a variant of
3201
this function, cyg_cond_timed_wait, which can be
3202
used to wait on the condition variable or until some number of clock
3203
ticks have occurred. The mutex will always be reclaimed before
3204
cyg_cond_timed_wait returns, regardless of
3205
whether it was a result of a signal operation or a timeout.
3206
      
3207
      
3208
There is no cyg_cond_trywait function because
3209
this would not serve any purpose. If a thread has locked the mutex and
3210
determined that the condition is satisfied, it can just release the
3211
mutex and return. There is no need to perform any operation on the
3212
condition variable.
3213
      
3214
      
3215
When a thread changes shared state that may affect some other thread
3216
blocked on a condition variable, it should call either
3217
cyg_cond_signal or
3218
cyg_cond_broadcast. These calls do not require
3219
ownership of the mutex, but usually the mutex will have been claimed
3220
before updating the shared state. A signal operation only wakes up the
3221
first thread that is waiting on the condition variable, while a
3222
broadcast wakes up all the threads. If there are no threads waiting on
3223
the condition variable at the time, then the signal or broadcast will
3224
have no effect: past signals are not counted up or remembered in any
3225
way. Typically a signal should be used when all threads will check the
3226
same condition and at most one thread can continue running. A
3227
broadcast should be used if threads check slightly different
3228
conditions, or if the change to the global state might allow multiple
3229
threads to proceed.
3230
      
3231
    
3232
 
3233
    Valid contexts
3234
      
3235
cyg_cond_init is typically called during system
3236
initialization but may also be called in thread context. The same
3237
applies to cyg_cond_delete.
3238
cyg_cond_wait and
3239
cyg_cond_timedwait may only be called from thread
3240
context since they may block. cyg_cond_signal and
3241
cyg_cond_broadcast may be called from thread or
3242
DSR context.
3243
      
3244
    
3245
 
3246
  
3247
 
3248
3249
3250
 
3251
  
3252
 
3253
    
3254
    Semaphores
3255
    
3256
 
3257
    
3258
      cyg_semaphore_init
3259
      cyg_semaphore_destroy
3260
      cyg_semaphore_wait
3261
      cyg_semaphore_timed_wait
3262
      cyg_semaphore_post
3263
      cyg_semaphore_peek
3264
      Synchronization primitive
3265
    
3266
 
3267
    
3268
      
3269
        
3270
#include <cyg/kernel/kapi.h>
3271
        
3272
        
3273
          void cyg_semaphore_init
3274
          cyg_sem_t* sem
3275
          cyg_count32 val
3276
        
3277
        
3278
          void cyg_semaphore_destroy
3279
          cyg_sem_t* sem
3280
        
3281
        
3282
          cyg_bool_t cyg_semaphore_wait
3283
          cyg_sem_t* sem
3284
        
3285
        
3286
          cyg_bool_t cyg_semaphore_timed_wait
3287
          cyg_sem_t* sem
3288
          cyg_tick_count_t abstime
3289
        
3290
        
3291
          cyg_bool_t cyg_semaphore_trywait
3292
          cyg_sem_t* sem
3293
        
3294
        
3295
          void cyg_semaphore_post
3296
          cyg_sem_t* sem
3297
        
3298
        
3299
          void cyg_semaphore_peek
3300
          cyg_sem_t* sem
3301
          cyg_count32* val
3302
        
3303
      
3304
    
3305
 
3306
    Description
3307
      
3308
Counting semaphores are a 
3309
linkend="kernel-overview-synch-primitives">synchronization
3310
primitive that allow threads to wait until an event has
3311
occurred. The event may be generated by a producer thread, or by a DSR
3312
in response to a hardware interrupt. Associated with each semaphore is
3313
an integer counter that keeps track of the number of events that have
3314
not yet been processed. If this counter is zero, an attempt by a
3315
consumer thread to wait on the semaphore will block until some other
3316
thread or a DSR posts a new event to the semaphore. If the counter is
3317
greater than zero then an attempt to wait on the semaphore will
3318
consume one event, in other words decrement the counter, and return
3319
immediately. Posting to a semaphore will wake up the first thread that
3320
is currently waiting, which will then resume inside the semaphore wait
3321
operation and decrement the counter again.
3322
      
3323
      
3324
Another use of semaphores is for certain forms of resource management.
3325
The counter would correspond to how many of a certain type of resource
3326
are currently available, with threads waiting on the semaphore to
3327
claim a resource and posting to release the resource again. In
3328
practice condition
3329
variables are usually much better suited for operations like
3330
this.
3331
      
3332
      
3333
cyg_semaphore_init is used to initialize a
3334
semaphore. It takes two arguments, a pointer to a
3335
cyg_sem_t structure and an initial value for
3336
the counter. Note that semaphore operations, unlike some other parts
3337
of the kernel API, use pointers to data structures rather than
3338
handles. This makes it easier to embed semaphores in a larger data
3339
structure. The initial counter value can be any number, zero, positive
3340
or negative, but typically a value of zero is used to indicate that no
3341
events have occurred yet.
3342
      
3343
      
3344
cyg_semaphore_wait is used by a consumer thread
3345
to wait for an event. If the current counter is greater than 0, in
3346
other words if the event has already occurred in the past, then the
3347
counter will be decremented and the call will return immediately.
3348
Otherwise the current thread will be blocked until there is a
3349
cyg_semaphore_post call.
3350
      
3351
      
3352
cyg_semaphore_post is called when an event has
3353
occurs. This increments the counter and wakes up the first thread
3354
waiting on the semaphore (if any). Usually that thread will then
3355
continue running inside cyg_semaphore_wait and
3356
decrement the counter again. However other scenarioes are possible.
3357
For example the thread calling cyg_semaphore_post
3358
may be running at high priority, some other thread running at medium
3359
priority may be about to call cyg_semaphore_wait
3360
when it next gets a chance to run, and a low priority thread may be
3361
waiting on the semaphore. What will happen is that the current high
3362
priority thread continues running until it is descheduled for some
3363
reason, then the medium priority thread runs and its call to
3364
cyg_semaphore_wait succeeds immediately, and
3365
later on the low priority thread runs again, discovers a counter value
3366
of 0, and blocks until another event is posted. If there are multiple
3367
threads blocked on a semaphore then the configuration option
3368
CYGIMP_KERNEL_SCHED_SORTED_QUEUES determines which
3369
one will be woken up by a post operation.
3370
      
3371
      
3372
cyg_semaphore_wait returns a boolean. Normally it
3373
will block until it has successfully decremented the counter, retrying
3374
as necessary, and return success. However the wait operation may be
3375
aborted by a call to 
3376
linkend="kernel-thread-control">cyg_thread_release,
3377
and cyg_semaphore_wait will then return false.
3378
      
3379
      
3380
cyg_semaphore_timed_wait is a variant of
3381
cyg_semaphore_wait. It can be used to wait until
3382
either an event has occurred or a number of clock ticks have happened.
3383
The function returns success if the semaphore wait operation
3384
succeeded, or false if the operation timed out or was aborted by
3385
cyg_thread_release. If support for the real-time
3386
clock has been removed from the current configuration then this
3387
function will not be available.
3388
cyg_semaphore_trywait is another variant which
3389
will always return immediately rather than block, again returning
3390
success or failure.
3391
      
3392
      
3393
cyg_semaphore_peek can be used to get hold of the
3394
current counter value. This function is rarely useful except for
3395
debugging purposes since the counter value may change at any time if
3396
some other thread or a DSR performs a semaphore operation.
3397
      
3398
    
3399
 
3400
    Valid contexts
3401
      
3402
cyg_semaphore_init is normally called during
3403
initialization but may also be called from thread context.
3404
cyg_semaphore_wait and
3405
cyg_semaphore_timed_wait may only be called from
3406
thread context because these operations may block.
3407
cyg_semaphore_trywait,
3408
cyg_semaphore_post and
3409
cyg_semaphore_peek may be called from thread or
3410
DSR context.
3411
      
3412
    
3413
 
3414
  
3415
 
3416
3417
3418
 
3419
  
3420
 
3421
    
3422
    Mail boxes
3423
    
3424
 
3425
    
3426
      cyg_mbox_create
3427
      cyg_mbox_delete
3428
      cyg_mbox_get
3429
      cyg_mbox_timed_get
3430
      cyg_mbox_tryget
3431
      cyg_mbox_peek_item
3432
      cyg_mbox_put
3433
      cyg_mbox_timed_put
3434
      cyg_mbox_tryput
3435
      cyg_mbox_peek
3436
      cyg_mbox_waiting_to_get
3437
      cyg_mbox_waiting_to_put
3438
      Synchronization primitive
3439
    
3440
 
3441
    
3442
      
3443
        
3444
#include <cyg/kernel/kapi.h>
3445
        
3446
        
3447
          void cyg_mbox_create
3448
          cyg_handle_t* handle
3449
          cyg_mbox* mbox
3450
        
3451
        
3452
          void cyg_mbox_delete
3453
          cyg_handle_t mbox
3454
        
3455
        
3456
          void* cyg_mbox_get
3457
          cyg_handle_t mbox
3458
        
3459
        
3460
          void* cyg_mbox_timed_get
3461
          cyg_handle_t mbox
3462
          cyg_tick_count_t abstime
3463
        
3464
        
3465
          void* cyg_mbox_tryget
3466
          cyg_handle_t mbox
3467
        
3468
        
3469
          cyg_count32 cyg_mbox_peek
3470
          cyg_handle_t mbox
3471
        
3472
        
3473
          void* cyg_mbox_peek_item
3474
          cyg_handle_t mbox
3475
        
3476
        
3477
          cyg_bool_t cyg_mbox_put
3478
          cyg_handle_t mbox
3479
          void* item
3480
        
3481
        
3482
          cyg_bool_t cyg_mbox_timed_put
3483
          cyg_handle_t mbox
3484
          void* item
3485
          cyg_tick_count_t abstime
3486
        
3487
        
3488
          cyg_bool_t cyg_mbox_tryput
3489
          cyg_handle_t mbox
3490
          void* item
3491
        
3492
        
3493
          cyg_bool_t cyg_mbox_waiting_to_get
3494
          cyg_handle_t mbox
3495
        
3496
        
3497
          cyg_bool_t cyg_mbox_waiting_to_put
3498
          cyg_handle_t mbox
3499
        
3500
      
3501
    
3502
 
3503
    Description
3504
      
3505
Mail boxes are a synchronization primitive. Like semaphores they
3506
can be used by a consumer thread to wait until a certain event has
3507
occurred, but the producer also has the ability to transmit some data
3508
along with each event. This data, the message, is normally a pointer
3509
to some data structure. It is stored in the mail box itself, so the
3510
producer thread that generates the event and provides the data usually
3511
does not have to block until some consumer thread is ready to receive
3512
the event. However a mail box will only have a finite capacity,
3513
typically ten slots. Even if the system is balanced and events are
3514
typically consumed at least as fast as they are generated, a burst of
3515
events can cause the mail box to fill up and the generating thread
3516
will block until space is available again. This behaviour is very
3517
different from semaphores, where it is only necessary to maintain a
3518
counter and hence an overflow is unlikely.
3519
      
3520
      
3521
Before a mail box can be used it must be created with a call to
3522
cyg_mbox_create. Each mail box has a unique
3523
handle which will be returned via the first argument and which should
3524
be used for subsequent operations.
3525
cyg_mbox_create also requires an area of memory
3526
for the kernel structure, which is provided by the
3527
cyg_mbox second argument. If a mail box is
3528
no longer required then cyg_mbox_delete can be
3529
used. This will simply discard any messages that remain posted.
3530
      
3531
      
3532
The main function for waiting on a mail box is
3533
cyg_mbox_get. If there is a pending message
3534
because of a call to cyg_mbox_put then
3535
cyg_mbox_get will return immediately with the
3536
message that was put into the mail box. Otherwise this function
3537
will block until there is a put operation. Exceptionally the thread
3538
can instead be unblocked by a call to
3539
cyg_thread_release, in which case
3540
cyg_mbox_get will return a null pointer. It is
3541
assumed that there will never be a call to
3542
cyg_mbox_put with a null pointer, because it
3543
would not be possible to distinguish between that and a release
3544
operation. Messages are always retrieved in the order in which they
3545
were put into the mail box, and there is no support for messages
3546
with different priorities.
3547
      
3548
      
3549
There are two variants of cyg_mbox_get. The
3550
first, cyg_mbox_timed_get will wait until either
3551
a message is available or until a number of clock ticks have occurred.
3552
If no message is posted within the timeout then a null pointer will be
3553
returned. cyg_mbox_tryget is a non-blocking
3554
operation which will either return a message if one is available or a
3555
null pointer.
3556
      
3557
      
3558
New messages are placed in the mail box by calling
3559
cyg_mbox_put or one of its variants. The main put
3560
function takes two arguments, a handle to the mail box and a
3561
pointer for the message itself. If there is a spare slot in the
3562
mail box then the new message can be placed there immediately, and
3563
if there is a waiting thread it will be woken up so that it can
3564
receive the message. If the mail box is currently full then
3565
cyg_mbox_put will block until there has been a
3566
get operation and a slot is available. The
3567
cyg_mbox_timed_put variant imposes a time limit
3568
on the put operation, returning false if the operation cannot be
3569
completed within the specified number of clock ticks. The
3570
cyg_mbox_tryput variant is non-blocking,
3571
returning false if there are no free slots available and the message
3572
cannot be posted without blocking.
3573
      
3574
      
3575
There are a further four functions available for examining the current
3576
state of a mailbox. The results of these functions must be used with
3577
care because usually the state can change at any time as a result of
3578
activity within other threads, but they may prove occasionally useful
3579
during debugging or in special situations.
3580
cyg_mbox_peek returns a count of the number of
3581
messages currently stored in the mail box.
3582
cyg_mbox_peek_item retrieves the first message,
3583
but it remains in the mail box until a get operation is performed.
3584
cyg_mbox_waiting_to_get and
3585
cyg_mbox_waiting_to_put indicate whether or not
3586
there are currently threads blocked in a get or a put operation on a
3587
given mail box.
3588
      
3589
      
3590
The number of slots in each mail box is controlled by a
3591
configuration option
3592
CYGNUM_KERNEL_SYNCH_MBOX_QUEUE_SIZE, with a default
3593
value of 10. All mail boxes are the same size.
3594
      
3595
    
3596
 
3597
    Valid contexts
3598
      
3599
cyg_mbox_create is typically called during
3600
system initialization but may also be called in thread context.
3601
The remaining functions are normally called only during thread
3602
context. Of special note is cyg_mbox_put which
3603
can be a blocking operation when the mail box is full, and which
3604
therefore must never be called from DSR context. It is permitted to
3605
call cyg_mbox_tryput,
3606
cyg_mbox_tryget, and the information functions
3607
from DSR context but this is rarely useful.
3608
      
3609
    
3610
 
3611
  
3612
 
3613
3614
3615
 
3616
  
3617
 
3618
    
3619
    Event Flags
3620
    
3621
 
3622
    
3623
      cyg_flag_init
3624
      cyg_flag_destroy
3625
      cyg_flag_setbits
3626
      cyg_flag_maskbits
3627
      cyg_flag_wait
3628
      cyg_flag_timed_wait
3629
      cyg_flag_poll
3630
      cyg_flag_peek
3631
      cyg_flag_waiting
3632
      Synchronization primitive
3633
    
3634
 
3635
    
3636
      
3637
        
3638
#include <cyg/kernel/kapi.h>
3639
        
3640
        
3641
          void cyg_flag_init
3642
          cyg_flag_t* flag
3643
        
3644
        
3645
          void cyg_flag_destroy
3646
          cyg_flag_t* flag
3647
        
3648
        
3649
          void cyg_flag_setbits
3650
          cyg_flag_t* flag
3651
          cyg_flag_value_t value
3652
        
3653
        
3654
          void cyg_flag_maskbits
3655
          cyg_flag_t* flag
3656
          cyg_flag_value_t value
3657
        
3658
        
3659
          cyg_flag_value_t cyg_flag_wait
3660
          cyg_flag_t* flag
3661
          cyg_flag_value_t pattern
3662
          cyg_flag_mode_t mode
3663
        
3664
        
3665
          cyg_flag_value_t cyg_flag_timed_wait
3666
          cyg_flag_t* flag
3667
          cyg_flag_value_t pattern
3668
          cyg_flag_mode_t mode
3669
          cyg_tick_count_t abstime
3670
        
3671
        
3672
          cyg_flag_value_t cyg_flag_poll
3673
          cyg_flag_t* flag
3674
          cyg_flag_value_t pattern
3675
          cyg_flag_mode_t mode
3676
        
3677
        
3678
          cyg_flag_value_t cyg_flag_peek
3679
          cyg_flag_t* flag
3680
        
3681
        
3682
          cyg_bool_t cyg_flag_waiting
3683
          cyg_flag_t* flag
3684
        
3685
      
3686
    
3687
 
3688
    Description
3689
      
3690
Event flags allow a consumer thread to wait for one of several
3691
different types of event to occur. Alternatively it is possible to
3692
wait for some combination of events. The implementation is relatively
3693
straightforward. Each event flag contains a 32-bit integer.
3694
Application code associates these bits with specific events, so for
3695
example bit 0 could indicate that an I/O operation has completed and
3696
data is available, while bit 1 could indicate that the user has
3697
pressed a start button. A producer thread or a DSR can cause one or
3698
more of the bits to be set, and a consumer thread currently waiting
3699
for these bits will be woken up.
3700
      
3701
      
3702
Unlike semaphores no attempt is made to keep track of event counts. It
3703
does not matter whether a given event occurs once or multiple times
3704
before being consumed, the corresponding bit in the event flag will
3705
change only once. However semaphores cannot easily be used to handle
3706
multiple event sources. Event flags can often be used as an
3707
alternative to condition variables, although they cannot be used for
3708
completely arbitrary conditions and they only support the equivalent
3709
of condition variable broadcasts, not signals.
3710
      
3711
      
3712
Before an event flag can be used it must be initialized by a call to
3713
cyg_flag_init. This takes a pointer to a
3714
cyg_flag_t data structure, which can be part of a
3715
larger structure. All 32 bits in the event flag will be set to 0,
3716
indicating that no events have yet occurred. If an event flag is no
3717
longer required it can be cleaned up with a call to
3718
cyg_flag_destroy, allowing the memory for the
3719
cyg_flag_t structure to be re-used.
3720
      
3721
      
3722
A consumer thread can wait for one or more events by calling
3723
cyg_flag_wait. This takes three arguments. The
3724
first identifies a particular event flag. The second is some
3725
combination of bits, indicating which events are of interest. The
3726
final argument should be one of the following:
3727
      
3728
      
3729
        
3730
          CYG_FLAG_WAITMODE_AND
3731
          
3732
The call to cyg_flag_wait will block until all
3733
the specified event bits are set. The event flag is not cleared when
3734
the wait succeeds, in other words all the bits remain set.
3735
          
3736
        
3737
        
3738
          CYG_FLAG_WAITMODE_OR
3739
          
3740
The call will block until at least one of the specified event bits is
3741
set. The event flag is not cleared on return.
3742
          
3743
        
3744
        
3745
          CYG_FLAG_WAITMODE_AND | CYG_FLAG_WAITMODE_CLR
3746
          
3747
The call will block until all the specified event bits are set, and
3748
the entire event flag is cleared when the call succeeds. Note that
3749
if this mode of operation is used then a single event flag cannot be
3750
used to store disjoint sets of events, even though enough bits might
3751
be available. Instead each disjoint set of events requires its own
3752
event flag.
3753
          
3754
        
3755
        
3756
          CYG_FLAG_WAITMODE_OR | CYG_FLAG_WAITMODE_CLR
3757
          
3758
The call will block until at least one of the specified event bits is
3759
set, and the entire flag is cleared when the call succeeds.
3760
          
3761
        
3762
      
3763
      
3764
A call to cyg_flag_wait normally blocks until the
3765
required condition is satisfied. It will return the value of the event
3766
flag at the point that the operation succeeded, which may be a
3767
superset of the requested events. If
3768
cyg_thread_release is used to unblock a thread
3769
that is currently in a wait operation, the
3770
cyg_flag_wait call will instead return 0.
3771
      
3772
      
3773
cyg_flag_timed_wait is a variant of
3774
cyg_flag_wait which adds a timeout: the wait
3775
operation must succeed within the specified number of ticks, or it
3776
will fail with a return value of 0. cyg_flag_poll
3777
is a non-blocking variant: if the wait operation can succeed
3778
immediately it acts like cyg_flag_wait, otherwise
3779
it returns immediately with a value of 0.
3780
      
3781
      
3782
cyg_flag_setbits is called by a producer thread
3783
or from inside a DSR when an event occurs. The specified bits are or'd
3784
into the current event flag value. This may cause a waiting thread to
3785
be woken up, if its condition is now satisfied.
3786
      
3787
      
3788
cyg_flag_maskbits can be used to clear one or
3789
more bits in the event flag. This can be called from a producer when a
3790
particular condition is no longer satisfied, for example when the user
3791
is no longer pressing a particular button. It can also be used by a
3792
consumer thread if CYG_FLAG_WAITMODE_CLR was not
3793
used as part of the wait operation, to indicate that some but not all
3794
of the active events have been consumed. If there are multiple
3795
consumer threads performing wait operations without using
3796
CYG_FLAG_WAITMODE_CLR then typically some
3797
additional synchronization such as a mutex is needed to prevent
3798
multiple threads consuming the same event.
3799
      
3800
      
3801
Two additional functions are provided to query the current state of an
3802
event flag. cyg_flag_peek returns the current
3803
value of the event flag, and cyg_flag_waiting can
3804
be used to find out whether or not there are any threads currently
3805
blocked on the event flag. Both of these functions must be used with
3806
care because other threads may be operating on the event flag.
3807
      
3808
    
3809
 
3810
    Valid contexts
3811
      
3812
cyg_flag_init is typically called during system
3813
initialization but may also be called in thread context. The same
3814
applies to cyg_flag_destroy.
3815
cyg_flag_wait and
3816
cyg_flag_timed_wait may only be called from
3817
thread context. The remaining functions may be called from thread or
3818
DSR context.
3819
      
3820
    
3821
 
3822
  
3823
 
3824
3825
3826
 
3827
  
3828
 
3829
    
3830
    Spinlocks
3831
    
3832
 
3833
    
3834
      cyg_spinlock_create
3835
      cyg_spinlock_destroy
3836
      cyg_spinlock_spin
3837
      cyg_spinlock_clear
3838
      cyg_spinlock_test
3839
      cyg_spinlock_spin_intsave
3840
      cyg_spinlock_clear_intsave
3841
      Low-level Synchronization Primitive
3842
    
3843
 
3844
    
3845
      
3846
        
3847
#include <cyg/kernel/kapi.h>
3848
        
3849
        
3850
          void cyg_spinlock_init
3851
          cyg_spinlock_t* lock
3852
          cyg_bool_t locked
3853
        
3854
        
3855
          void cyg_spinlock_destroy
3856
          cyg_spinlock_t* lock
3857
        
3858
        
3859
          void cyg_spinlock_spin
3860
          cyg_spinlock_t* lock
3861
        
3862
        
3863
          void cyg_spinlock_clear
3864
          cyg_spinlock_t* lock
3865
        
3866
        
3867
          cyg_bool_t cyg_spinlock_try
3868
          cyg_spinlock_t* lock
3869
        
3870
        
3871
          cyg_bool_t cyg_spinlock_test
3872
          cyg_spinlock_t* lock
3873
        
3874
        
3875
          void cyg_spinlock_spin_intsave
3876
          cyg_spinlock_t* lock
3877
          cyg_addrword_t* istate
3878
        
3879
        
3880
          void cyg_spinlock_clear_intsave
3881
          cyg_spinlock_t* lock
3882
          cyg_addrword_t istate
3883
        
3884
      
3885
    
3886
 
3887
    Description
3888
      
3889
Spinlocks provide an additional synchronization primitive for
3890
applications running on SMP systems. They operate at a lower level
3891
than the other primitives such as mutexes, and for most purposes the
3892
higher-level primitives should be preferred. However there are some
3893
circumstances where a spinlock is appropriate, especially when
3894
interrupt handlers and threads need to share access to hardware, and
3895
on SMP systems the kernel implementation itself depends on spinlocks.
3896
      
3897
      
3898
Essentially a spinlock is just a simple flag. When code tries to claim
3899
a spinlock it checks whether or not the flag is already set. If not
3900
then the flag is set and the operation succeeds immediately. The exact
3901
implementation of this is hardware-specific, for example it may use a
3902
test-and-set instruction to guarantee the desired behaviour even if
3903
several processors try to access the spinlock at the exact same time.
3904
If it is not possible to claim a spinlock then the current thead spins
3905
in a tight loop, repeatedly checking the flag until it is clear. This
3906
behaviour is very different from other synchronization primitives such
3907
as mutexes, where contention would cause a thread to be suspended. The
3908
assumption is that a spinlock will only be held for a very short time.
3909
If claiming a spinlock could cause the current thread to be suspended
3910
then spinlocks could not be used inside interrupt handlers, which is
3911
not acceptable.
3912
      
3913
      
3914
This does impose a constraint on any code which uses spinlocks.
3915
Specifically it is important that spinlocks are held only for a short
3916
period of time, typically just some dozens of instructions. Otherwise
3917
another processor could be blocked on the spinlock for a long time,
3918
unable to do any useful work. It is also important that a thread which
3919
owns a spinlock does not get preempted because that might cause
3920
another processor to spin for a whole timeslice period, or longer. One
3921
way of achieving this is to disable interrupts on the current
3922
processor, and the function
3923
cyg_spinlock_spin_intsave is provided to
3924
facilitate this.
3925
      
3926
      
3927
Spinlocks should not be used on single-processor systems. Consider a
3928
high priority thread which attempts to claim a spinlock already held
3929
by a lower priority thread: it will just loop forever and the lower
3930
priority thread will never get another chance to run and release the
3931
spinlock. Even if the two threads were running at the same priority,
3932
the one attempting to claim the spinlock would spin until it was
3933
timesliced and a lot of cpu time would be wasted. If an interrupt
3934
handler tried to claim a spinlock owned by a thread, the interrupt
3935
handler would loop forever. Therefore spinlocks are only appropriate
3936
for SMP systems where the current owner of a spinlock can continue
3937
running on a different processor.
3938
      
3939
      
3940
Before a spinlock can be used it must be initialized by a call to
3941
cyg_spinlock_init. This takes two arguments, a
3942
pointer to a cyg_spinlock_t data structure, and
3943
a flag to specify whether the spinlock starts off locked or unlocked.
3944
If a spinlock is no longer required then it can be destroyed by a call
3945
to cyg_spinlock_destroy.
3946
      
3947
      
3948
There are two routines for claiming a spinlock:
3949
cyg_spinlock_spin and
3950
cyg_spinlock_spin_intsave. The former can be used
3951
when it is known the current code will not be preempted, for example
3952
because it is running in an interrupt handler or because interrupts
3953
are disabled. The latter will disable interrupts in addition to
3954
claiming the spinlock, so is safe to use in all circumstances. The
3955
previous interrupt state is returned via the second argument, and
3956
should be used in a subsequent call to
3957
cyg_spinlock_clear_intsave.
3958
      
3959
      
3960
Similarly there are two routines for releasing a spinlock:
3961
cyg_spinlock_clear and
3962
cyg_spinlock_clear_intsave. Typically
3963
the former will be used if the spinlock was claimed by a call to
3964
cyg_spinlock_spin, and the latter when
3965
cyg_spinlock_intsave was used.
3966
      
3967
      
3968
There are two additional routines.
3969
cyg_spinlock_try is a non-blocking version of
3970
cyg_spinlock_spin: if possible the lock will be
3971
claimed and the function will return true; otherwise the function
3972
will return immediately with failure.
3973
cyg_spinlock_test can be used to find out whether
3974
or not the spinlock is currently locked. This function must be used
3975
with care because, especially on a multiprocessor system, the state of
3976
the spinlock can change at any time.
3977
      
3978
      
3979
Spinlocks should only be held for a short period of time, and
3980
attempting to claim a spinlock will never cause a thread to be
3981
suspended. This means that there is no need to worry about priority
3982
inversion problems, and concepts such as priority ceilings and
3983
inheritance do not apply.
3984
      
3985
    
3986
 
3987
    Valid contexts
3988
      
3989
All of the spinlock functions can be called from any context,
3990
including ISR and DSR context. Typically
3991
cyg_spinlock_init is only called during system
3992
initialization.
3993
      
3994
    
3995
 
3996
  
3997
 
3998
3999
4000
 
4001
  
4002
 
4003
    
4004
    Scheduler Control
4005
    
4006
 
4007
    
4008
      cyg_scheduler_start
4009
      cyg_scheduler_lock
4010
      cyg_scheduler_unlock
4011
      cyg_scheduler_safe_lock
4012
      cyg_scheduler_read_lock
4013
      Control the state of the scheduler
4014
    
4015
 
4016
    
4017
      
4018
        
4019
#include <cyg/kernel/kapi.h>
4020
        
4021
        
4022
          void cyg_scheduler_start
4023
          
4024
        
4025
        
4026
          void cyg_scheduler_lock
4027
          
4028
        
4029
        
4030
          void cyg_scheduler_unlock
4031
          
4032
        
4033
        
4034
          cyg_ucount32 cyg_scheduler_read_lock
4035
          
4036
        
4037
      
4038
    
4039
 
4040
    Description
4041
      
4042
cyg_scheduler_start should only be called once,
4043
to mark the end of system initialization. In typical configurations it
4044
is called automatically by the system startup, but some applications
4045
may bypass the standard startup in which case
4046
cyg_scheduler_start will have to be called
4047
explicitly. The call will enable system interrupts, allowing I/O
4048
operations to commence. Then the scheduler will be invoked and control
4049
will be transferred to the highest priority runnable thread. The call
4050
will never return.
4051
      
4052
      
4053
The various data structures inside the eCos kernel must be protected
4054
against concurrent updates. Consider a call to
4055
cyg_semaphore_post which causes a thread to be
4056
woken up: the semaphore data structure must be updated to remove the
4057
thread from its queue; the scheduler data structure must also be
4058
updated to mark the thread as runnable; it is possible that the newly
4059
runnable thread has a higher priority than the current one, in which
4060
case preemption is required. If in the middle of the semaphore post
4061
call an interrupt occurred and the interrupt handler tried to
4062
manipulate the same data structures, for example by making another
4063
thread runnable, then it is likely that the structures will be left in
4064
an inconsistent state and the system will fail.
4065
      
4066
      
4067
To prevent such problems the kernel contains a special lock known as
4068
the scheduler lock. A typical kernel function such as
4069
cyg_semaphore_post will claim the scheduler lock,
4070
do all its manipulation of kernel data structures, and then release
4071
the scheduler lock. The current thread cannot be preempted while it
4072
holds the scheduler lock. If an interrupt occurs and a DSR is supposed
4073
to run to signal that some event has occurred, that DSR is postponed
4074
until the scheduler unlock operation. This prevents concurrent updates
4075
of kernel data structures.
4076
      
4077
      
4078
The kernel exports three routines for manipulating the scheduler lock.
4079
cyg_scheduler_lock can be called to claim the
4080
lock. On return it is guaranteed that the current thread will not be
4081
preempted, and that no other code is manipulating any kernel data
4082
structures. cyg_scheduler_unlock can be used to
4083
release the lock, which may cause the current thread to be preempted.
4084
cyg_scheduler_read_lock can be used to query the
4085
current state of the scheduler lock. This function should never be
4086
needed because well-written code should always know whether or not the
4087
scheduler is currently locked, but may prove useful during debugging.
4088
      
4089
      
4090
The implementation of the scheduler lock involves a simple counter.
4091
Code can call cyg_scheduler_lock multiple times,
4092
causing the counter to be incremented each time, as long as
4093
cyg_scheduler_unlock is called the same number of
4094
times. This behaviour is different from mutexes where an attempt by a
4095
thread to lock a mutex multiple times will result in deadlock or an
4096
assertion failure.
4097
      
4098
      
4099
Typical application code should not use the scheduler lock. Instead
4100
other synchronization primitives such as mutexes and semaphores should
4101
be used. While the scheduler is locked the current thread cannot be
4102
preempted, so any higher priority threads will not be able to run.
4103
Also no DSRs can run, so device drivers may not be able to service
4104
I/O requests. However there is one situation where locking the
4105
scheduler is appropriate: if some data structure needs to be shared
4106
between an application thread and a DSR associated with some interrupt
4107
source, the thread can use the scheduler lock to prevent concurrent
4108
invocations of the DSR and then safely manipulate the structure. It is
4109
desirable that the scheduler lock is held for only a short period of
4110
time, typically some tens of instructions. In exceptional cases there
4111
may also be some performance-critical code where it is more
4112
appropriate to use the scheduler lock rather than a mutex, because the
4113
former is more efficient.
4114
      
4115
    
4116
 
4117
    Valid contexts
4118
      
4119
cyg_scheduler_start can only be called during
4120
system initialization, since it marks the end of that phase. The
4121
remaining functions may be called from thread or DSR context. Locking
4122
the scheduler from inside the DSR has no practical effect because the
4123
lock is claimed automatically by the interrupt subsystem before
4124
running DSRs, but allows functions to be shared between normal thread
4125
code and DSRs.
4126
      
4127
    
4128
 
4129
  
4130
 
4131
4132
4133
 
4134
  
4135
 
4136
    
4137
    Interrupt Handling
4138
    
4139
 
4140
    
4141
      cyg_interrupt_create
4142
      cyg_interrupt_delete
4143
      cyg_interrupt_attach
4144
      cyg_interrupt_detach
4145
      cyg_interrupt_configure
4146
      cyg_interrupt_acknowledge
4147
      cyg_interrupt_enable
4148
      cyg_interrupt_disable
4149
      cyg_interrupt_mask
4150
      cyg_interrupt_mask_intunsafe
4151
      cyg_interrupt_unmask
4152
      cyg_interrupt_unmask_intunsafe
4153
      cyg_interrupt_set_cpu
4154
      cyg_interrupt_get_cpu
4155
      cyg_interrupt_get_vsr
4156
      cyg_interrupt_set_vsr
4157
      Manage interrupt handlers
4158
    
4159
 
4160
    
4161
      
4162
        
4163
#include <cyg/kernel/kapi.h>
4164
        
4165
        
4166
          void cyg_interrupt_create
4167
          cyg_vector_t vector
4168
          cyg_priority_t priority
4169
          cyg_addrword_t data
4170
          cyg_ISR_t* isr
4171
          cyg_DSR_t* dsr
4172
          cyg_handle_t* handle
4173
          cyg_interrupt* intr
4174
        
4175
        
4176
          void cyg_interrupt_delete
4177
          cyg_handle_t interrupt
4178
        
4179
        
4180
          void cyg_interrupt_attach
4181
          cyg_handle_t interrupt
4182
        
4183
        
4184
          void cyg_interrupt_detach
4185
          cyg_handle_t interrupt
4186
        
4187
        
4188
          void cyg_interrupt_configure
4189
          cyg_vector_t vector
4190
          cyg_bool_t level
4191
          cyg_bool_t up
4192
        
4193
        
4194
          void cyg_interrupt_acknowledge
4195
          cyg_vector_t vector
4196
        
4197
        
4198
          void cyg_interrupt_disable
4199
          
4200
        
4201
        
4202
          void cyg_interrupt_enable
4203
          
4204
        
4205
        
4206
          void cyg_interrupt_mask
4207
          cyg_vector_t vector
4208
        
4209
        
4210
          void cyg_interrupt_mask_intunsafe
4211
          cyg_vector_t vector
4212
        
4213
        
4214
          void cyg_interrupt_unmask
4215
          cyg_vector_t vector
4216
        
4217
        
4218
          void cyg_interrupt_unmask_intunsafe
4219
          cyg_vector_t vector
4220
        
4221
        
4222
          void cyg_interrupt_set_cpu
4223
          cyg_vector_t vector
4224
          cyg_cpu_t cpu
4225
        
4226
        
4227
          cyg_cpu_t cyg_interrupt_get_cpu
4228
          cyg_vector_t vector
4229
        
4230
        
4231
          void cyg_interrupt_get_vsr
4232
          cyg_vector_t vector
4233
          cyg_VSR_t** vsr
4234
        
4235
        
4236
          void cyg_interrupt_set_vsr
4237
          cyg_vector_t vector
4238
          cyg_VSR_t* vsr
4239
        
4240
      
4241
    
4242
 
4243
    Description
4244
      
4245
The kernel provides an interface for installing interrupt handlers and
4246
controlling when interrupts occur. This functionality is used
4247
primarily by eCos device drivers and by any application code that
4248
interacts directly with hardware. However in most cases it is better
4249
to avoid using this kernel functionality directly, and instead the
4250
device driver API provided by the common HAL package should be used.
4251
Use of the kernel package is optional, and some applications such as
4252
RedBoot work with no need for multiple threads or synchronization
4253
primitives. Any code which calls the kernel directly rather than the
4254
device driver API will not function in such a configuration. When the
4255
kernel package is present the device driver API is implemented as
4256
#define's to the equivalent kernel calls, otherwise
4257
it is implemented inside the common HAL package. The latter
4258
implementation can be simpler than the kernel one because there is no
4259
need to consider thread preemption and similar issues.
4260
      
4261
      
4262
The exact details of interrupt handling vary widely between
4263
architectures. The functionality provided by the kernel abstracts away
4264
from many of the details of the underlying hardware, thus simplifying
4265
application development. However this is not always successful. For
4266
example, if some hardware does not provide any support at all for
4267
masking specific interrupts then calling
4268
cyg_interrupt_mask may not behave as intended:
4269
instead of masking just the one interrupt source it might disable all
4270
interrupts, because that is as close to the desired behaviour as is
4271
possible given the hardware restrictions. Another possibility is that
4272
masking a given interrupt source also affects all lower-priority
4273
interrupts, but still allows higher-priority ones. The documentation
4274
for the appropriate HAL packages should be consulted for more
4275
information about exactly how interrupts are handled on any given
4276
hardware. The HAL header files will also contain useful information.
4277
      
4278
    
4279
 
4280
    Interrupt Handlers
4281
      
4282
Interrupt handlers are created by a call to
4283
cyg_interrupt_create. This takes the following
4284
arguments:
4285
      
4286
      
4287
        
4288
          cyg_vector_t vector
4289
          
4290
The interrupt vector, a small integer, identifies the specific
4291
interrupt source. The appropriate hardware documentation or HAL header
4292
files should be consulted for details of which vector corresponds to
4293
which device.
4294
          
4295
        
4296
        
4297
          cyg_priority_t priority
4298
          
4299
Some hardware may support interrupt priorities, where a low priority
4300
interrupt handler can in turn be interrupted by a higher priority one.
4301
Again hardware-specific documentation should be consulted for details
4302
about what the valid interrupt priority levels are.
4303
          
4304
        
4305
        
4306
          cyg_addrword_t data
4307
          
4308
When an interrupt occurs eCos will first call the associated
4309
interrupt service routine or ISR, then optionally a deferred service
4310
routine or DSR. The data argument to
4311
cyg_interrupt_create will be passed to both these
4312
functions. Typically it will be a pointer to some data structure.
4313
          
4314
        
4315
        
4316
          cyg_ISR_t isr
4317
          
4318
When an interrupt occurs the hardware will transfer control to the
4319
appropriate vector service routine or VSR, which is usually provided
4320
by eCos. This performs any appropriate processing, for example to work
4321
out exactly which interrupt occurred, and then as quickly as possible
4322
transfers control the installed ISR. An ISR is a C function which
4323
takes the following form:
4324
          
4325
          
4326
cyg_uint32
4327
isr_function(cyg_vector_t vector, cyg_addrword_t data)
4328
{
4329
    cyg_bool_t dsr_required = 0;
4330
 
4331
4332
 
4333
    return dsr_required ? CYG_ISR_CALL_DSR : CYG_ISR_HANDLED;
4334
}
4335
          
4336
          
4337
The first argument identifies the particular interrupt source,
4338
especially useful if there multiple instances of a given device and a
4339
single ISR can be used for several different interrupt vectors. The
4340
second argument is the data field passed to
4341
cyg_interrupt_create, usually a pointer to some
4342
data structure. The exact conditions under which an ISR runs will
4343
depend partly on the hardware and partly on configuration options.
4344
Interrupts may currently be disabled globally, especially if the
4345
hardware does not support interrupt priorities. Alternatively
4346
interrupts may be enabled such that higher priority interrupts are
4347
allowed through. The ISR may be running on a separate interrupt stack,
4348
or on the stack of whichever thread was running at the time the
4349
interrupt happened.
4350
          
4351
          
4352
A typical ISR will do as little work as possible, just enough to meet
4353
the needs of the hardware and then acknowledge the interrupt by
4354
calling cyg_interrupt_acknowledge. This ensures
4355
that interrupts will be quickly reenabled, so higher priority devices
4356
can be serviced. For some applications there may be one device which
4357
is especially important and whose ISR can take much longer than
4358
normal. However eCos device drivers usually will not assume that they
4359
are especially important, so their ISRs will be as short as possible.
4360
          
4361
          
4362
The return value of an ISR is normally one of
4363
CYG_ISR_CALL_DSR or
4364
CYG_ISR_HANDLED. The former indicates that further
4365
processing is required at DSR level, and the interrupt handler's DSR
4366
will be run as soon as possible. The latter indicates that the
4367
interrupt has been fully handled and no further effort is required.
4368
          
4369
          
4370
An ISR is allowed to make very few kernel calls. It can manipulate the
4371
interrupt mask, and on SMP systems it can use spinlocks. However an
4372
ISR must not make higher-level kernel calls such as posting to a
4373
semaphore, instead any such calls must be made from the DSR. This
4374
avoids having to disable interrupts throughout the kernel and thus
4375
improves interrupt latency.
4376
          
4377
        
4378
        
4379
          cyg_DSR_t dsr
4380
          
4381
If an interrupt has occurred and the ISR has returned a value
4382
CYG_ISR_CALL_DSR, the system will call the
4383
deferred service routine or DSR associated with this interrupt
4384
handler. If the scheduler is not currently locked then the DSR will
4385
run immediately. However if the interrupted thread was in the middle
4386
of a kernel call and had locked the scheduler, then the DSR will be
4387
deferred until the scheduler is again unlocked. This allows the
4388
DSR to make certain kernel calls safely, for example posting to a
4389
semaphore or signalling a condition variable. A DSR is a C function
4390
which takes the following form:
4391
          
4392
          
4393
void
4394
dsr_function(cyg_vector_t vector,
4395
             cyg_ucount32 count,
4396
             cyg_addrword_t data)
4397
{
4398
}
4399
          
4400
          
4401
The first argument identifies the specific interrupt that has caused
4402
the DSR to run. The second argument indicates the number of these
4403
interrupts that have occurred and for which the ISR requested a DSR.
4404
Usually this will be 1, unless the system is
4405
suffering from a very heavy load. The third argument is the
4406
data field passed to
4407
cyg_interrupt_create.
4408
          
4409
        
4410
        
4411
          cyg_handle_t* handle
4412
          
4413
The kernel will return a handle to the newly created interrupt handler
4414
via this argument. Subsequent operations on the interrupt handler such
4415
as attaching it to the interrupt source will use this handle.
4416
          
4417
        
4418
        
4419
          cyg_interrupt* intr
4420
          
4421
This provides the kernel with an area of memory for holding this
4422
interrupt handler and associated data.
4423
          
4424
        
4425
      
4426
      
4427
The call to cyg_interrupt_create simply fills in
4428
a kernel data structure. A typical next step is to call
4429
cyg_interrupt_attach using the handle returned by
4430
the create operation. This makes it possible to have several different
4431
interrupt handlers for a given vector, attaching whichever one is
4432
currently appropriate. Replacing an interrupt handler requires a call
4433
to cyg_interrupt_detach, followed by another call
4434
to cyg_interrupt_attach for the replacement
4435
handler. cyg_interrupt_delete can be used if an
4436
interrupt handler is no longer required.
4437
      
4438
      
4439
Some hardware may allow for further control over specific interrupts,
4440
for example whether an interrupt is level or edge triggered. Any such
4441
hardware functionality can be accessed using
4442
cyg_interrupt_configure: the
4443
level argument selects between level versus
4444
edge triggered; the up argument selects between
4445
high and low level, or between rising and falling edges.
4446
      
4447
      
4448
Usually interrupt handlers are created, attached and configured during
4449
system initialization, while global interrupts are still disabled. On
4450
most hardware it will also be necessary to call
4451
cyg_interrupt_unmask, since the sensible default
4452
for interrupt masking is to ignore any interrupts for which no handler
4453
is installed.
4454
      
4455
    
4456
 
4457
    Controlling Interrupts
4458
      
4459
eCos provides two ways of controlling whether or not interrupts
4460
happen. It is possible to disable and reenable all interrupts
4461
globally, using cyg_interrupt_disable and
4462
cyg_interrupt_enable. Typically this works by
4463
manipulating state inside the cpu itself, for example setting a flag
4464
in a status register or executing special instructions. Alternatively
4465
it may be possible to mask a specific interrupt source by writing to
4466
one or to several interrupt mask registers. Hardware-specific
4467
documentation should be consulted for the exact details of how
4468
interrupt masking works, because a full implementation is not possible
4469
on all hardware.
4470
      
4471
      
4472
The primary use for these functions is to allow data to be shared
4473
between ISRs and other code such as DSRs or threads. If both a thread
4474
and an ISR need to manipulate either a data structure or the hardware
4475
itself, there is a possible conflict if an interrupt happens just when
4476
the thread is doing such manipulation. Problems can be avoided by the
4477
thread either disabling or masking interrupts during the critical
4478
region. If this critical region requires only a few instructions then
4479
usually it is more efficient to disable interrupts. For larger
4480
critical regions it may be more appropriate to use interrupt masking,
4481
allowing other interrupts to occur. There are other uses for interrupt
4482
masking. For example if a device is not currently being used by the
4483
application then it may be desirable to mask all interrupts generated
4484
by that device.
4485
      
4486
      
4487
There are two functions for masking a specific interrupt source,
4488
cyg_interrupt_mask and
4489
cyg_interrupt_mask_intunsafe. On typical hardware
4490
masking an interrupt is not an atomic operation, so if two threads
4491
were to perform interrupt masking operations at the same time there
4492
could be problems. cyg_interrupt_mask disables
4493
all interrupts while it manipulates the interrupt mask. In situations
4494
where interrupts are already know to be disabled,
4495
cyg_interrupt_mask_intunsafe can be used
4496
instead. There are matching functions
4497
cyg_interrupt_unmask and
4498
cyg_interrupt_unmask_intsafe.
4499
      
4500
    
4501
 
4502
    SMP Support
4503
      
4504
On SMP systems the kernel provides an additional two functions related
4505
to interrupt handling. cyg_interrupt_set_cpu
4506
specifies that a particular hardware interrupt should always be
4507
handled on one specific processor in the system. In other words when
4508
the interrupt triggers it is only that processor which detects it, and
4509
it is only on that processor that the VSR and ISR will run. If a DSR
4510
is requested then it will also run on the same CPU. The
4511
function cyg_interrupt_get_cpu can be used to
4512
find out which interrupts are handled on which processor.
4513
      
4514
    
4515
 
4516
    VSR Support
4517
      
4518
When an interrupt occurs the hardware will transfer control to a piece
4519
of code known as the VSR, or Vector Service Routine. By default this
4520
code is provided by eCos. Usually it is written in assembler, but on
4521
some architectures it may be possible to implement VSRs in C by
4522
specifying an interrupt attribute. Compiler documentation should be
4523
consulted for more information on this. The default eCos VSR will work
4524
out which ISR function should process the interrupt, and set up a C
4525
environment suitable for this ISR.
4526
      
4527
      
4528
For some applications it may be desirable to replace the default eCos
4529
VSR and handle some interrupts directly. This minimizes interrupt
4530
latency, but it requires application developers to program at a lower
4531
level. Usually the best way to write a custom VSR is to copy the
4532
existing one supplied by eCos and then make appropriate modifications.
4533
The function cyg_interrupt_get_vsr can be used to
4534
get hold of the current VSR for a given interrupt vector, allowing it
4535
to be restored if the custom VSR is no longer required.
4536
cyg_interrupt_set_vsr can be used to install a
4537
replacement VSR. Usually the vsr argument will
4538
correspond to an exported label in an assembler source file.
4539
      
4540
    
4541
 
4542
    Valid contexts
4543
      
4544
In a typical configuration interrupt handlers are created and attached
4545
during system initialization, and never detached or deleted. However
4546
it is possible to perform these operations at thread level, if
4547
desired. Similarly cyg_interrupt_configure,
4548
cyg_interrupt_set_vsr, and
4549
cyg_interrupt_set_cpu are usually called only
4550
during system initialization, but on typical hardware may be called at
4551
any time. cyg_interrupt_get_vsr and
4552
cyg_interrupt_get_cpu may be called at any time.
4553
      
4554
      
4555
The functions for enabling, disabling, masking and unmasking
4556
interrupts can be called in any context, when appropriate. It is the
4557
responsibility of application developers to determine when the use of
4558
these functions is appropriate.
4559
      
4560
    
4561
 
4562
  
4563
 
4564
4565
4566
 
4567
  
4568
 
4569
    
4570
    Kernel Real-time Characterization
4571
    
4572
    
4573
      tm_basic
4574
      Measure the performance of the eCos kernel
4575
    
4576
 
4577
    
4578
      Description
4579
        
4580
When building a real-time system, care must be taken to ensure that
4581
the system will be able to perform properly within the constraints of
4582
that system. One of these constraints may be how fast certain
4583
operations can be performed. Another might be how deterministic the
4584
overall behavior of the system is. Lastly the memory footprint (size)
4585
and unit cost may be important.
4586
        
4587
        
4588
One of the major problems encountered while evaluating a system will
4589
be how to compare it with possible alternatives. Most manufacturers of
4590
real-time systems publish performance numbers, ostensibly so that
4591
users can compare the different offerings. However, what these numbers
4592
mean and how they were gathered is often not clear. The values are
4593
typically measured on a particular piece of hardware, so in order to
4594
truly compare, one must obtain measurements for exactly the same set
4595
of hardware that were gathered in a similar fashion.
4596
        
4597
        
4598
Two major items need to be present in any given set of measurements.
4599
First, the raw values for the various operations; these are typically
4600
quite easy to measure and will be available for most systems. Second,
4601
the determinacy of the numbers; in other words how much the value
4602
might change depending on other factors within the system. This value
4603
is affected by a number of factors: how long interrupts might be
4604
masked, whether or not the function can be interrupted, even very
4605
hardware-specific effects such as cache locality and pipeline usage.
4606
It is very difficult to measure the determinacy of any given
4607
operation, but that determinacy is fundamentally important to proper
4608
overall characterization of a system.
4609
        
4610
        
4611
In the discussion and numbers that follow, three key measurements are
4612
provided. The first measurement is an estimate of the interrupt
4613
latency: this is the length of time from when a hardware interrupt
4614
occurs until its Interrupt Service Routine (ISR) is called. The second
4615
measurement is an estimate of overall interrupt overhead: this is the
4616
length of time average interrupt processing takes, as measured by the
4617
real-time clock interrupt (other interrupt sources will certainly take
4618
a different amount of time, but this data cannot be easily gathered).
4619
The third measurement consists of the timings for the various kernel
4620
primitives.
4621
          
4622
        
4623
        
4624
          Methodology
4625
          
4626
Key operations in the kernel were measured by using a simple test
4627
program which exercises the various kernel primitive operations. A
4628
hardware timer, normally the one used to drive the real-time clock,
4629
was used for these measurements. In most cases this timer can be read
4630
with quite high resolution, typically in the range of a few
4631
microseconds. For each measurement, the operation was repeated a
4632
number of times. Time stamps were obtained directly before and after
4633
the operation was performed. The data gathered for the entire set of
4634
operations was then analyzed, generating average (mean), maximum and
4635
minimum values. The sample variance (a measure of how close most
4636
samples are to the mean) was also calculated. The cost of obtaining
4637
the real-time clock timer values was also measured, and was subtracted
4638
from all other times.
4639
          
4640
          
4641
Most kernel functions can be measured separately. In each case, a
4642
reasonable number of iterations are performed. Where the test case
4643
involves a kernel object, for example creating a task, each iteration
4644
is performed on a different object. There is also a set of tests which
4645
measures the interactions between multiple tasks and certain kernel
4646
primitives. Most functions are tested in such a way as to determine
4647
the variations introduced by varying numbers of objects in the system.
4648
For example, the mailbox tests measure the cost of a 'peek' operation
4649
when the mailbox is empty, has a single item, and has multiple items
4650
present. In this way, any effects of the state of the object or how
4651
many items it contains can be determined.
4652
          
4653
          
4654
There are a few things to consider about these measurements. Firstly,
4655
they are quite micro in scale and only measure the operation in
4656
question. These measurements do not adequately describe how the
4657
timings would be perturbed in a real system with multiple interrupting
4658
sources. Secondly, the possible aberration incurred by the real-time
4659
clock (system heartbeat tick) is explicitly avoided. Virtually all
4660
kernel functions have been designed to be interruptible. Thus the
4661
times presented are typical, but best case, since any particular
4662
function may be interrupted by the clock tick processing. This number
4663
is explicitly calculated so that the value may be included in any
4664
deadline calculations required by the end user. Lastly, the reported
4665
measurements were obtained from a system built with all options at
4666
their default values. Kernel instrumentation and asserts are also
4667
disabled for these measurements. Any number of configuration options
4668
can change the measured results, sometimes quite dramatically. For
4669
example, mutexes are using priority inheritance in these measurements.
4670
The numbers will change if the system is built with priority
4671
inheritance on mutex variables turned off.
4672
          
4673
          
4674
The final value that is measured is an estimate of interrupt latency.
4675
This particular value is not explicitly calculated in the test program
4676
used, but rather by instrumenting the kernel itself. The raw number of
4677
timer ticks that elapse between the time the timer generates an
4678
interrupt and the start of the timer ISR is kept in the kernel. These
4679
values are printed by the test program after all other operations have
4680
been tested. Thus this should be a reasonable estimate of the
4681
interrupt latency over time.
4682
          
4683
        
4684
 
4685
        
4686
          Using these Measurements
4687
          
4688
These measurements can be used in a number of ways. The most typical
4689
use will be to compare different real-time kernel offerings on similar
4690
hardware, another will be to estimate the cost of implementing a task
4691
using eCos (applications can be examined to see what effect the kernel
4692
operations will have on the total execution time). Another use would
4693
be to observe how the tuning of the kernel affects overall operation.
4694
          
4695
        
4696
 
4697
        
4698
          Influences on Performance
4699
            
4700
A number of factors can affect real-time performance in a system. One
4701
of the most common factors, yet most difficult to characterize, is the
4702
effect of device drivers and interrupts on system timings. Different
4703
device drivers will have differing requirements as to how long
4704
interrupts are suppressed, for example. The eCos system has been
4705
designed with this in mind, by separating the management of interrupts
4706
(ISR handlers) and the processing required by the interrupt
4707
(DSR—Deferred Service Routine— handlers). However, since
4708
there is so much variability here, and indeed most device drivers will
4709
come from the end users themselves, these effects cannot be reliably
4710
measured. Attempts have been made to measure the overhead of the
4711
single interrupt that eCos relies on, the real-time clock timer. This
4712
should give you a reasonable idea of the cost of executing interrupt
4713
handling for devices.
4714
          
4715
        
4716
 
4717
       
4718
         Measured Items
4719
         
4720
This section describes the various tests and the numbers presented.
4721
All tests use the C kernel API (available by way of
4722
cyg/kernel/kapi.h). There is a single main thread
4723
in the system that performs the various tests. Additional threads may
4724
be created as part of the testing, but these are short lived and are
4725
destroyed between tests unless otherwise noted. The terminology
4726
“lower priority” means a priority that is less important,
4727
not necessarily lower in numerical value. A higher priority thread
4728
will run in preference to a lower priority thread even though the
4729
priority value of the higher priority thread may be numerically less
4730
than that of the lower priority thread.
4731
          
4732
 
4733
          
4734
            Thread Primitives
4735
            
4736
              
4737
                Create thread
4738
                
4739
This test measures the cyg_thread_create() call.
4740
Each call creates a totally new thread. The set of threads created by
4741
this test will be reused in the subsequent thread primitive tests.
4742
                
4743
              
4744
              
4745
                Yield thread
4746
                
4747
This test measures the cyg_thread_yield() call.
4748
For this test, there are no other runnable threads, thus the test
4749
should just measure the overhead of trying to give up the CPU.
4750
                
4751
              
4752
              
4753
                Suspend [suspended] thread
4754
                
4755
This test measures the cyg_thread_suspend() call.
4756
A thread may be suspended multiple times; each thread is already
4757
suspended from its initial creation, and is suspended again.
4758
                
4759
              
4760
              
4761
                Resume thread
4762
                
4763
This test measures the cyg_thread_resume() call.
4764
All of the threads have a suspend count of 2, thus this call does not
4765
make them runnable. This test just measures the overhead of resuming a
4766
thread.
4767
                
4768
              
4769
              
4770
                Set priority
4771
                
4772
This test measures the cyg_thread_set_priority()
4773
call. Each thread, currently suspended, has its priority set to a new
4774
value.
4775
                
4776
              
4777
              
4778
                Get priority
4779
                
4780
This test measures the cyg_thread_get_priority()
4781
call.
4782
                
4783
              
4784
              
4785
                Kill [suspended] thread
4786
                
4787
This test measures the cyg_thread_kill() call.
4788
Each thread in the set is killed. All threads are known to be
4789
suspended before being killed.
4790
                
4791
              
4792
              
4793
                Yield [no other] thread
4794
                
4795
This test measures the cyg_thread_yield() call
4796
again. This is to demonstrate that the
4797
cyg_thread_yield() call has a fixed overhead,
4798
regardless of whether there are other threads in the system.
4799
                
4800
              
4801
              
4802
                Resume [suspended low priority] thread
4803
                
4804
This test measures the cyg_thread_resume() call
4805
again. In this case, the thread being resumed is lower priority than
4806
the main thread, thus it will simply become ready to run but not be
4807
granted the CPU. This test measures the cost of making a thread ready
4808
to run.
4809
                
4810
              
4811
              
4812
                Resume [runnable low priority] thread
4813
                
4814
This test measures the cyg_thread_resume() call
4815
again. In this case, the thread being resumed is lower priority than
4816
the main thread and has already been made runnable, so in fact the
4817
resume call has no effect.
4818
                
4819
              
4820
              
4821
                Suspend [runnable] thread
4822
                
4823
This test measures the cyg_thread_suspend() call
4824
again. In this case, each thread has already been made runnable (by
4825
previous tests).
4826
                
4827
              
4828
              
4829
                Yield [only low priority] thread
4830
                
4831
This test measures the cyg_thread_yield() call.
4832
In this case, there are many other runnable threads, but they are all
4833
lower priority than the main thread, thus no thread switches will take
4834
place.
4835
                
4836
              
4837
              
4838
                Suspend [runnable->not runnable] thread
4839
                
4840
This test measures the cyg_thread_suspend() call
4841
again. The thread being suspended will become non-runnable by this
4842
action.
4843
                
4844
              
4845
              
4846
                Kill [runnable] thread
4847
                
4848
This test measures the cyg_thread_kill() call
4849
again. In this case, the thread being killed is currently runnable,
4850
but lower priority than the main thread.
4851
                
4852
              
4853
              
4854
                Resume [high priority] thread
4855
                
4856
This test measures the cyg_thread_resume() call.
4857
The thread being resumed is higher priority than the main thread, thus
4858
a thread switch will take place on each call. In fact there will be
4859
two thread switches; one to the new higher priority thread and a
4860
second back to the test thread. The test thread exits immediately.
4861
                
4862
              
4863
              
4864
                Thread switch
4865
                
4866
This test attempts to measure the cost of switching from one thread to
4867
another. Two equal priority threads are started and they will each
4868
yield to the other for a number of iterations. A time stamp is
4869
gathered in one thread before the
4870
cyg_thread_yield() call and after the call in the
4871
other thread.
4872
                
4873
              
4874
            
4875
          
4876
 
4877
          
4878
            Scheduler Primitives
4879
            
4880
              
4881
                Scheduler lock
4882
                
4883
This test measures the cyg_scheduler_lock() call.
4884
                
4885
              
4886
              
4887
                Scheduler unlock [0 threads]
4888
                
4889
This test measures the cyg_scheduler_unlock()
4890
call. There are no other threads in the system and the unlock happens
4891
immediately after a lock so there will be no pending DSR’s to
4892
run.
4893
                
4894
              
4895
              
4896
                Scheduler unlock [1 suspended thread]
4897
                
4898
This test measures the cyg_scheduler_unlock()
4899
call. There is one other thread in the system which is currently
4900
suspended.
4901
                
4902
              
4903
              
4904
                Scheduler unlock [many suspended threads]
4905
                
4906
This test measures the cyg_scheduler_unlock()
4907
call. There are many other threads in the system which are currently
4908
suspended. The purpose of this test is to determine the cost of having
4909
additional threads in the system when the scheduler is activated by
4910
way of cyg_scheduler_unlock().
4911
                
4912
              
4913
              
4914
                Scheduler unlock [many low priority threads]
4915
                
4916
This test measures the cyg_scheduler_unlock()
4917
call. There are many other threads in the system which are runnable
4918
but are lower priority than the main thread. The purpose of this test
4919
is to determine the cost of having additional threads in the system
4920
when the scheduler is activated by way of
4921
cyg_scheduler_unlock().
4922
                
4923
              
4924
            
4925
          
4926
 
4927
          
4928
            Mutex Primitives
4929
            
4930
              
4931
                Init mutex
4932
                
4933
This test measures the cyg_mutex_init() call. A
4934
number of separate mutex variables are created. The purpose of this
4935
test is to measure the cost of creating a new mutex and introducing it
4936
to the system.
4937
                
4938
              
4939
              
4940
                Lock [unlocked] mutex
4941
                
4942
This test measures the cyg_mutex_lock() call. The
4943
purpose of this test is to measure the cost of locking a mutex which
4944
is currently unlocked. There are no other threads executing in the
4945
system while this test runs.
4946
                
4947
              
4948
              
4949
                Unlock [locked] mutex
4950
                
4951
This test measures the cyg_mutex_unlock() call.
4952
The purpose of this test is to measure the cost of unlocking a mutex
4953
which is currently locked. There are no other threads executing in the
4954
system while this test runs.
4955
                
4956
              
4957
              
4958
                Trylock [unlocked] mutex
4959
                
4960
This test measures the cyg_mutex_trylock() call.
4961
The purpose of this test is to measure the cost of locking a mutex
4962
which is currently unlocked. There are no other threads executing in
4963
the system while this test runs.
4964
                
4965
              
4966
              
4967
                Trylock [locked] mutex
4968
                
4969
This test measures the cyg_mutex_trylock() call.
4970
The purpose of this test is to measure the cost of locking a mutex
4971
which is currently locked. There are no other threads executing in the
4972
system while this test runs.
4973
                
4974
              
4975
              
4976
                Destroy mutex
4977
                
4978
This test measures the cyg_mutex_destroy() call.
4979
The purpose of this test is to measure the cost of deleting a mutex
4980
from the system. There are no other threads executing in the system
4981
while this test runs.
4982
                
4983
              
4984
              
4985
                Unlock/Lock mutex
4986
                
4987
This test attempts to measure the cost of unlocking a mutex for which
4988
there is another higher priority thread waiting. When the mutex is
4989
unlocked, the higher priority waiting thread will immediately take the
4990
lock. The time from when the unlock is issued until after the lock
4991
succeeds in the second thread is measured, thus giving the round-trip
4992
or circuit time for this type of synchronizer.
4993
                
4994
              
4995
            
4996
          
4997
 
4998
          
4999
            Mailbox Primitives
5000
            
5001
              
5002
                Create mbox
5003
                
5004
This test measures the cyg_mbox_create() call. A
5005
number of separate mailboxes is created. The purpose of this test is
5006
to measure the cost of creating a new mailbox and introducing it to
5007
the system.
5008
                
5009
              
5010
              
5011
                Peek [empty] mbox
5012
                
5013
This test measures the cyg_mbox_peek() call. An
5014
attempt is made to peek the value in each mailbox, which is currently
5015
empty. The purpose of this test is to measure the cost of checking a
5016
mailbox for a value without blocking.
5017
                
5018
              
5019
              
5020
                Put [first] mbox
5021
                
5022
This test measures the cyg_mbox_put() call. One
5023
item is added to a currently empty mailbox. The purpose of this test
5024
is to measure the cost of adding an item to a mailbox. There are no
5025
other threads currently waiting for mailbox items to arrive.
5026
                
5027
              
5028
              
5029
                Peek [1 msg] mbox
5030
                
5031
This test measures the cyg_mbox_peek() call. An
5032
attempt is made to peek the value in each mailbox, which contains a
5033
single item. The purpose of this test is to measure the cost of
5034
checking a mailbox which has data to deliver.
5035
                
5036
              
5037
              
5038
                Put [second] mbox
5039
                
5040
This test measures the cyg_mbox_put() call. A
5041
second item is added to a mailbox. The purpose of this test is to
5042
measure the cost of adding an additional item to a mailbox. There are
5043
no other threads currently waiting for mailbox items to arrive.
5044
                
5045
              
5046
              
5047
                Peek [2 msgs] mbox
5048
                
5049
This test measures the cyg_mbox_peek() call. An
5050
attempt is made to peek the value in each mailbox, which contains two
5051
items. The purpose of this test is to measure the cost of checking a
5052
mailbox which has data to deliver.
5053
                
5054
              
5055
              
5056
                Get [first] mbox
5057
                
5058
This test measures the cyg_mbox_get() call. The
5059
first item is removed from a mailbox that currently contains two
5060
items. The purpose of this test is to measure the cost of obtaining an
5061
item from a mailbox without blocking.
5062
              
5063
              
5064
              
5065
                Get [second] mbox
5066
                
5067
This test measures the cyg_mbox_get() call. The
5068
last item is removed from a mailbox that currently contains one item.
5069
The purpose of this test is to measure the cost of obtaining an item
5070
from a mailbox without blocking.
5071
                
5072
              
5073
              
5074
                Tryput [first] mbox
5075
                
5076
This test measures the cyg_mbox_tryput() call. A
5077
single item is added to a currently empty mailbox. The purpose of this
5078
test is to measure the cost of adding an item to a mailbox.
5079
                
5080
              
5081
              
5082
                Peek item [non-empty] mbox
5083
                
5084
This test measures the cyg_mbox_peek_item() call.
5085
A single item is fetched from a mailbox that contains a single item.
5086
The purpose of this test is to measure the cost of obtaining an item
5087
without disturbing the mailbox.
5088
                
5089
              
5090
              
5091
                Tryget [non-empty] mbox
5092
                
5093
This test measures the cyg_mbox_tryget() call. A
5094
single item is removed from a mailbox that contains exactly one item.
5095
The purpose of this test is to measure the cost of obtaining one item
5096
from a non-empty mailbox.
5097
                
5098
              
5099
              
5100
                Peek item [empty] mbox
5101
                
5102
This test measures the cyg_mbox_peek_item() call.
5103
An attempt is made to fetch an item from a mailbox that is empty. The
5104
purpose of this test is to measure the cost of trying to obtain an
5105
item when the mailbox is empty.
5106
                
5107
              
5108
              
5109
                Tryget [empty] mbox
5110
                
5111
This test measures the cyg_mbox_tryget() call. An
5112
attempt is made to fetch an item from a mailbox that is empty. The
5113
purpose of this test is to measure the cost of trying to obtain an
5114
item when the mailbox is empty.
5115
                
5116
              
5117
              
5118
                Waiting to get mbox
5119
                
5120
This test measures the cyg_mbox_waiting_to_get()
5121
call. The purpose of this test is to measure the cost of determining
5122
how many threads are waiting to obtain a message from this mailbox.
5123
                
5124
              
5125
              
5126
                Waiting to put mbox
5127
                
5128
This test measures the cyg_mbox_waiting_to_put()
5129
call. The purpose of this test is to measure the cost of determining
5130
how many threads are waiting to put a message into this mailbox.
5131
                
5132
              
5133
              
5134
                Delete mbox
5135
                
5136
This test measures the cyg_mbox_delete() call.
5137
The purpose of this test is to measure the cost of destroying a
5138
mailbox and removing it from the system.
5139
                
5140
              
5141
              
5142
                Put/Get mbox
5143
                
5144
In this round-trip test, one thread is sending data to a mailbox that
5145
is being consumed by another thread. The time from when the data is
5146
put into the mailbox until it has been delivered to the waiting thread
5147
is measured. Note that this time will contain a thread switch.
5148
                
5149
              
5150
            
5151
          
5152
 
5153
          
5154
            Semaphore Primitives
5155
            
5156
              
5157
                Init semaphore
5158
                
5159
This test measures the cyg_semaphore_init() call.
5160
A number of separate semaphore objects are created and introduced to
5161
the system. The purpose of this test is to measure the cost of
5162
creating a new semaphore.
5163
                
5164
              
5165
              
5166
                Post [0] semaphore
5167
                
5168
This test measures the cyg_semaphore_post() call.
5169
Each semaphore currently has a value of 0 and there are no other
5170
threads in the system. The purpose of this test is to measure the
5171
overhead cost of posting to a semaphore. This cost will differ if
5172
there is a thread waiting for the semaphore.
5173
                
5174
              
5175
              
5176
                Wait [1] semaphore
5177
                
5178
This test measures the cyg_semaphore_wait() call.
5179
The semaphore has a current value of 1 so the call is non-blocking.
5180
The purpose of the test is to measure the overhead of
5181
“taking” a semaphore.
5182
                
5183
              
5184
              
5185
                Trywait [0] semaphore
5186
                
5187
This test measures the cyg_semaphore_trywait()
5188
call. The semaphore has a value of 0 when the call is made. The
5189
purpose of this test is to measure the cost of seeing if a semaphore
5190
can be “taken” without blocking. In this case, the answer
5191
would be no.
5192
                
5193
              
5194
              
5195
                Trywait [1] semaphore
5196
                
5197
This test measures the cyg_semaphore_trywait()
5198
call. The semaphore has a value of 1 when the call is made. The
5199
purpose of this test is to measure the cost of seeing if a semaphore
5200
can be “taken” without blocking. In this case, the answer
5201
would be yes.
5202
                
5203
              
5204
              
5205
                Peek semaphore
5206
                
5207
This test measures the cyg_semaphore_peek() call.
5208
The purpose of this test is to measure the cost of obtaining the
5209
current semaphore count value.
5210
                
5211
              
5212
              
5213
                Destroy semaphore
5214
                
5215
This test measures the cyg_semaphore_destroy()
5216
call. The purpose of this test is to measure the cost of deleting a
5217
semaphore from the system.
5218
                
5219
              
5220
              
5221
                Post/Wait semaphore
5222
                
5223
In this round-trip test, two threads are passing control back and
5224
forth by using a semaphore. The time from when one thread calls
5225
cyg_semaphore_post() until the other thread
5226
completes its cyg_semaphore_wait() is measured.
5227
Note that each iteration of this test will involve a thread switch.
5228
                
5229
              
5230
            
5231
          
5232
 
5233
          
5234
            Counters
5235
            
5236
              
5237
                Create counter
5238
                
5239
This test measures the cyg_counter_create() call.
5240
A number of separate counters are created. The purpose of this test is
5241
to measure the cost of creating a new counter and introducing it to
5242
the system.
5243
                
5244
              
5245
              
5246
                Get counter value
5247
                
5248
This test measures the
5249
cyg_counter_current_value() call. The current
5250
value of each counter is obtained.
5251
                
5252
              
5253
              
5254
                Set counter value
5255
                
5256
This test measures the cyg_counter_set_value()
5257
call. Each counter is set to a new value.
5258
                
5259
              
5260
              
5261
                Tick counter
5262
                
5263
This test measures the cyg_counter_tick() call.
5264
Each counter is “ticked” once.
5265
                
5266
              
5267
              
5268
                Delete counter
5269
                
5270
This test measures the cyg_counter_delete() call.
5271
Each counter is deleted from the system. The purpose of this test is
5272
to measure the cost of deleting a counter object.
5273
                
5274
              
5275
            
5276
          
5277
 
5278
          
5279
            Alarms
5280
            
5281
              
5282
                Create alarm
5283
                
5284
This test measures the cyg_alarm_create() call. A
5285
number of separate alarms are created, all attached to the same
5286
counter object. The purpose of this test is to measure the cost of
5287
creating a new counter and introducing it to the system.
5288
                
5289
              
5290
              
5291
                Initialize alarm
5292
                
5293
This test measures the cyg_alarm_initialize()
5294
call. Each alarm is initialized to a small value.
5295
                
5296
              
5297
              
5298
                Disable alarm
5299
                
5300
This test measures the cyg_alarm_disable() call.
5301
Each alarm is explicitly disabled.
5302
                
5303
              
5304
              
5305
                Enable alarm
5306
                
5307
This test measures the cyg_alarm_enable() call.
5308
Each alarm is explicitly enabled.
5309
                
5310
              
5311
              
5312
                Delete alarm
5313
                
5314
This test measures the cyg_alarm_delete() call.
5315
Each alarm is destroyed. The purpose of this test is to measure the
5316
cost of deleting an alarm and removing it from the system.
5317
                
5318
              
5319
              
5320
                Tick counter [1 alarm]
5321
                
5322
This test measures the cyg_counter_tick() call. A
5323
counter is created that has a single alarm attached to it. The purpose
5324
of this test is to measure the cost of “ticking” a counter
5325
when it has a single attached alarm. In this test, the alarm is not
5326
activated (fired).
5327
                
5328
              
5329
              
5330
                Tick counter [many alarms]
5331
                
5332
This test measures the cyg_counter_tick() call. A
5333
counter is created that has multiple alarms attached to it. The
5334
purpose of this test is to measure the cost of “ticking” a
5335
counter when it has many attached alarms. In this test, the alarms are
5336
not activated (fired).
5337
                
5338
              
5339
              
5340
                Tick & fire counter [1 alarm]
5341
                
5342
This test measures the cyg_counter_tick() call. A
5343
counter is created that has a single alarm attached to it. The purpose
5344
of this test is to measure the cost of “ticking” a counter
5345
when it has a single attached alarm. In this test, the alarm is
5346
activated (fired). Thus the measured time will include the overhead of
5347
calling the alarm callback function.
5348
                
5349
              
5350
              
5351
                Tick & fire counter [many alarms]
5352
                
5353
This test measures the cyg_counter_tick() call. A
5354
counter is created that has multiple alarms attached to it. The
5355
purpose of this test is to measure the cost of “ticking” a
5356
counter when it has many attached alarms. In this test, the alarms are
5357
activated (fired). Thus the measured time will include the overhead of
5358
calling the alarm callback function.
5359
                
5360
              
5361
              
5362
                Alarm latency [0 threads]
5363
                
5364
This test attempts to measure the latency in calling an alarm callback
5365
function. The time from the clock interrupt until the alarm function
5366
is called is measured. In this test, there are no threads that can be
5367
run, other than the system idle thread, when the clock interrupt
5368
occurs (all threads are suspended).
5369
                
5370
              
5371
              
5372
                Alarm latency [2 threads]
5373
                
5374
This test attempts to measure the latency in calling an alarm callback
5375
function. The time from the clock interrupt until the alarm function
5376
is called is measured. In this test, there are exactly two threads
5377
which are running when the clock interrupt occurs. They are simply
5378
passing back and forth by way of the
5379
cyg_thread_yield() call. The purpose of this test
5380
is to measure the variations in the latency when there are executing
5381
threads.
5382
                
5383
              
5384
              
5385
                Alarm latency [many threads]
5386
                
5387
This test attempts to measure the latency in calling an alarm callback
5388
function. The time from the clock interrupt until the alarm function
5389
is called is measured. In this test, there are a number of threads
5390
which are running when the clock interrupt occurs. They are simply
5391
passing back and forth by way of the
5392
cyg_thread_yield() call. The purpose of this test
5393
is to measure the variations in the latency when there are many
5394
executing threads.
5395
                
5396
              
5397
            
5398
          
5399
 
5400
    
5401
 
5402
  
5403
 
5404
5405
 
5406

powered by: WebSVN 2.1.0

© copyright 1999-2024 OpenCores.org, equivalent to Oliscience, all rights reserved. OpenCores®, registered trademark.